Certified Information Security Manager

Course ID : ISACA CISM

Duration In-class (in days) : 5 days

Duration Online : 5 days

Curriculum : in-class, Virtual Instructor-Led Training - ONLINE

Delivery : 15.09.2025 - 19.09.2025

Overview

Certified Information Security Manager® (CISM®) affirms your ability to assess risks, implement effective governance, and proactively respond to incidents. With a highlight on emerging technologies such as AI and blockchain, it guarantees your skillset meets evolving security threats and industry requirements. By addressing top-of-mind concerns like data breaches and ransomware attacks, crucial for IT professionals, this certification ensures you are staying ahead of the pace of change.

Audience for this course

Information security (IS) management executives/experts preparing for the internationally recognized professional certification

ISACA Certified Information Security Manager

Objective

Prerequisites for this course

CompTIA Security+ or ISC2 SSCP certification or equivalent knowledge and skills in information or cybersecurity fundamentals

Outcomes

    • Understanding the goals and objectives of the information security (IS) department, its place in the organizational structure
    • Knowledge of approaches to the formation of an IS strategy, in accordance with the goals and objectives of the business
    • Ability to manage information risks and conduct an IS audit
    • Ability to develop an approach to assessing the effectiveness and efficiency of the control environment in IT/IS operational activities

Outline

Day 1

    • Welcome
    • Course structure and objectives
    • Description of the methodology for preparing for the ISACA exams
    • Introduction to international standards and practices
    • General principles
    • Domain 1. The need for Corporate Information Security Governance
    • Information Security Technologies

Day 2

    • The scope and charter of Corporate Information Security Governance
    • Metrics of Corporate Information Security Governance
    • Development, implementation and management of the information security strategy
    • Domain 2. Key concepts of Risk Management
    • Implementation of the Risk Management process

Day 3

    • Assessment of the company’s information assets
    • RTO, RPO, SDO metrics
    • Monitoring IT performance
    • Risk monitoring
    • Domain 3. Overview of the process of creating and managing the Information Security Program
    • Creating an Information Security Program

Day 4

    • Managing the Information Security Program
    • Metrics of the Information Security Program and Monitoring
    • Domain 4. Key concepts of Incident Management
    • Resources, goals and metrics of incident management
    • Creating an Incident Management process
    • Creating an Incident Response Plan
    • Testing plans

Day 5

    • Rules for conducting a test exam
    • Test exam

Training and certification in various areas of information technology, covering the products and technologies of the world's leading IT vendors
Nevsky Prospekt 173, building A
Saint Petersburg
Russia
+7 (812) 611-15-75