CISM International registered information security manager certification
Course Introduction
CISM International registered information security manager certification (Certified Information Security Manager) is a professional qualification launched by ISACA, which is specially designed for senior managers who are responsible for leading, planning and managing the overall information system security of enterprises. CISM aims at the management of information risk in business application and the solution of related problems, rather than an entry-level professional certification. CISM is designed for information security managers and professionals who are responsible for information security management. It improves the overall information system security management level of the enterprise, ensures to the senior management that the personnel with CISM professional qualification have the knowledge and ability to provide effective security management and consultation, and is business oriented in the application of business management, design and technical security It emphasizes the concept of information risk management. CISM is not suitable for information system auditors, but it is helpful for information system auditors with information system management experience and responsibilities
certification body
International Information System Audit Association (ISACA) assists enterprises and information technology leaders to create a reliable and value-added information and information system, with members in 180 countries and a total of more than 115, 000. Founded in 1969, ISACA is a global professional in the fields of information system audit, assurance, risk management, privacy and governanceProvides trusted resources for knowledge, community, standards and career development. ISACA provides cybersecurity NexusTM, a comprehensive professional resource for network security professionals.
Knowledge system
Chapter 2: Information Security Governance (24%)
Chapter 2: information risk management and compliance (33%)
Chapter 3: information security project development and management (25%)
Chapter 4: Information Security Incident Management (18%)
Chapter 3: information security project development and management (25%) Training objects: CIO, it manager; information security management personnel; it technical personnel, information security consultants; information security practitioners; risk management personnel, developers; other it related technical personnel, etc.
main contents
training contents:
training contents:
Information security governance (24%) establishes an information security governance structure to ensure that information security policies are consistent with business objectives, and comply with laws, regulations and regulatory requirements;
overview of information security governance
effective information security governance
information security concepts and technologies
governance and third-party relationships
information security governance metrics
Information Security Governance Summary of information security strategy
development of information security strategy
strategic objectives of information security
determination of risk status
development of information security strategy
strategic resources
strategic constraints
strategic action plan
implementation of Security Governance - example
in action planObjective aws.org
information security project group objective
information security risk management and compliance (33%) establish information security risk management system, which meets the regulatory requirements of laws and regulations;
risk management summary
risk management strategy
effective information security risk management
information security risk concept
implement risk management Risk assessment and analysis methods
risk assessment
information resource pricing
recovery time objective (RTO)
integrated life cycle process
security control baseline
risk monitoring and communication
Training and awareness
document

Information security project development and management (25%) design, develop, implement and manage information security process, and establish information security management framework;
overview of information security project group
effective development of information security project group
concept of information security project group
scope and charter of information security project group
information security management framework
Information security framework components
define information security project group roadmap
information security infrastructure and architecture
architecture implementation
security project group management and administration activities
security project group service and operation activities
control and response measures
Security Project Group Measurement and monitoring Common information security project group challenges
information security incident management (18%) establishes information security incident management process to deal with emergencies and recover;
information security incident management (18%)Event management summary
event response steps
event management organization
event management resources
event management objectives
event management measures and indicators
define event management steps
current situation of event response capability
develop event response plan
business continuity and disaster recovery steps
define event management steps
current situation of event response capability Test event response and business continuity / disaster recovery plan
implement response and recovery plan
post event activities and surveys
reference amazon certification login materials
CISM Review Manual 2016 CISM review questions, answers & Explanations manual 2016 CISM review questions, Answers & expositions manual 2016 supply
ISACA certification:
ISACA certification: audit, security, governance and risk and control
ISACA certification examination guide includes candidate information about examination registration, date and deadline, and provides important candidate details about daily management of the examination. Published on this website.
This guide introduces the following certifications: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), corporate information technology governance certification (cgeit), and wind powerRisk and information system terraform aws_acm_certificate_validation monitoring certification (crisc).

Oldal: Hogyan működik a HuPont.hu weboldalszerkesztő és honlap?
Ide írhatod a honlap főcímét, ami legfeljebb 75 karakter lehet! - © 2008 - 2024 - midowav.hupont.hu

A HuPont.hu segítségével a weboldalkészítés gyors! Itt kezdődik a saját weboldalkészítés!

ÁSZF | Adatvédelmi Nyilatkozat