Course Overview

It is considered one of the most important training courses in the field of information ecurity because it confirms your ability to define the current security situation and the development and supervision of the information security management framework in the organization to direct activities that support the information security strategy and the ability to classify information assets to ensure that the measures taken to protect those assets are commensurate with the value of their business and testify to ensure that the information security program adds value while supporting the operational goals of other business functions (such as human resources, accounting, procurement, information technology, ..) as well as defining your skills in classifying and evaluating security holes Accuracy and develop plans to ensure effective and timely response and deployment of security awareness within the organization

Course Outlines

Information Security Management

- Introduction to information security Governance

- Effective Information Security Governance

- Governance and Third Party Relationships

- Information Security Governance Metrics 

- Information Security Governance Metrics

- Information Security Strategy

- Information Security Strategy Development

- Strategy Resources and Constraints

- Other Frameworks

- Compliances

- Action Plans to Implement Strategy 

- Governance of Enterprise IT 

• Information Risk Management and Compliance
• - Information Risk Management 
• - Task and Knowledge Statements 
• - Risk Management Overview 
• - Risk Assessment 
• - Information Asset Classification 
• - Assessment Management
• - Information Resource Valuation 
• - Recovery Time objectives 
• - Security Control Baselines
• - Risk Monitoring
• - Training and Awareness 
• - Information Risk MAnagement Documentation
  
  
  • Information Security program development and management
  • - Information Security Program Management Overview
  • - Information Security Program Objectives 
  • - Information Security Program Concepts
  • - Information Security Program Technology Resources
  • - Information Security Program Development
  • - Information Security Program Framework
  • - Information Security Program Roadmap
  • -  Enterprise Information Security Architecture (EISA)
  • - Security Program Management and Administration
  • - Security Program Services and Operational Activities
  • - Controls
  • - Security Program Metrics and Monitoring
  • - Measuring Operational Performance
  • - Common Information Security Program Challenges
  • 
    
  • Information Security Incident Management
  • - Incident Management Overview
  • - Incident Management Procedures
    - Incident Management Resources 
  • - Incident Management Objectives
  • - Incident Management Metrics and Indicators
  • - Defining Incident Management Procedures 
  • - Business Continuity and Disaster Recovery Procedures
  • - Post Incident Activities and Investigation 
  • - ISACA Code of professional Ethics
  • - Laws and Regulations 
  • - Policy Versus Law Within an Organization
• 
  
  • 
    

Course Objectives

After CISM you will be able to :

• Establish and maintain an information security governance framework 
• Support operations to ensure that the information security strategy aligns with organizational goals
• Provide a mechanism for monitoring audit information systems, and professionals to monitor security and maintain their competence. 
• Perform risk analysis (Quantitative, Semiquantitative, Qualitative)
• Creating an information security awareness program
• Compliant management within the organization ( ISO 27 k - ISO 20000 - PSI - DSS)
• Manage the rik Management framework within your organization
• Managing resources within your organization to achieve security and business goals

Course Prerequisites

1. Basic Understanding of IT Services
2. Basic Understanding of IT Concept
   
   
3. 
   

Course Schedule

Course Delivery Format

1. In-Person Training:

Benefits:

Personal Interaction: Participants can interact with the instructor and fellow learners, fostering a sense of community.

Immediate Feedback: Instructors can provide real-time feedback, addressing questions and concerns on the spot.

Hands-on Activities: Practical exercises and group activities can be conducted more effectively in person.

1. Online Training:

Benefits:

Flexibility: Learners can access the course content at their own pace and time, accommodating diverse schedules.

Cost-Effective: Eliminates the need for travel and accommodation expenses, making it more economical.

Scalability: Can accommodate a large number of participants simultaneously, making it suitable for widespread audiences.

1. Blended Learning (Combination of In-Person and Online):

Benefits:

Flexibility: Combines the advantages of both in-person and online formats, offering a balance between structure and autonomy.

Cost-Efficiency: Reduces the need for extensive in-person sessions, saving on travel and venue costs.

Adaptability: Can cater to diverse learning styles by incorporating various modes of instruction.

1. Virtual Classrooms:

Benefits:

Real-Time Interaction: Allows for live Q&A sessions, discussions, and engagement with participants.

Accessibility: Participants from different locations can join without the need for physical presence.

Recording Options: Recordings can be made available for participants who may have missed the live session.

1. Self-Paced Learning (eLearning Modules, Videos):

Benefits:

Individualized Learning: Participants can progress at their speed, revisiting content as needed.

Consistency: Ensures uniform delivery of content to all participants.

24/7 Accessibility: Learners can access materials whenever and wherever is convenient for them.

1. Customized Courses:

Relevant Content: Tailored to specific organizational goals.

Industry Focus: Incorporates real industry challenges.

Adapted Learning: Matches varied skill levels of participants.

Focused Skills: Targets key competencies for job success.

Cultural Sensitivity: Respects diverse backgrounds within the organization.

Engaging Content: Uses relatable examples and scenarios.

Flexible Delivery: Adaptable to different learning formats.

Measurable Success: Sets clear objectives for easy evaluation.

Continuous Improvement: Uses feedback for ongoing enhancements.

Cost-Effective: Efficiently directs resources for maximum impact.