ISACA Certified Information Security Manager (CISM®)
Training including examination and certification
.svg)
Machine Learning Engineer
Area 1: Information Security Governance
- Overview of corporate governance
- Organizational culture, structures, roles and responsibilities
- Legal, regulatory and contractual requirements
- Information security strategy
- Framework conditions and standards for information security
- Strategic planning
Area 2: Information Security Risk Management
- Risk and threat situation
- Analysis of weak points and control deficiencies
- Risk assessment, evaluation and analysis
- Response to information risks
- Risk monitoring, reporting and communication
Area 3: Information Security Program
- Development and resources for IS* programs*
- IS* standards* and frameworks
- Definition of an IS* program roadmap*
- IS* program metrics*
- IS-*Management (processes sensitization ) sensitization/training
- Integration of the security program into IT operations
- Program communication, reporting and performance management
Area 4: Incident Management
- Overview of incident management and incident response
- Incident management and incident response plans
- Classification/categorization of incidents
- Measures, tools and technologies for incident management
- Investigation, assessment, containment and communication of incidents
- Elimination, recovery and verification of incidents
- Impact on business and business continuity
- Disaster recovery planning
- Training, testing and evaluation
Requirements
There is no formal admission for attending the course.
The requirements for official ISACA® certification are:
1. passing the CISM® exam:
The examination can be taken without professional experience. After passing the exam, certification must be applied for within 5 years.
2. proof of at least five years of professional experience in information security management
This experience must have been gained within the last ten years before submitting the application or within five years of passing the examination.
3. coverage of at least three of the four CISM® domains
The professional experience must include practical knowledge in at least three of the following four areas:
- Information Security Governance
- Information Security Risk Management
- Information Security Program
- Incident Management
4. verifiability of professional experience
The professional experience must be confirmed by a higher authority (e.g. supervisor or HR department).
5. submission of the application for certification to ISACA®
- Online application or PDF form (depending on the case)
- Payment of an application fee of currently 50 USD
6. agreement to the ISACA® Code of Professional Ethics
Obligation to comply with ethical standards in the exercise of the profession
7. compliance with Continuing Professional Education (CPE) requirements
After certification: annual further training and proof of maintenance of the title
Additional info:
© ISACA®. All rights reserved.
CISM® is a registered trademark of ISACA®.
The training is conducted by the ISACA® accredited partner Digicomp Academy AG.
- Develop and manage a governance framework that aligns information security with business objectives
- Defining guidelines, responsibilities and control mechanisms within the framework of legal and regulatory requirements
- Identify, assess and prioritize information security risks based on threats, vulnerabilities and impacts
- Developing suitable risk treatment strategies and establishing continuous risk reporting and monitoring
- Establish and implement a comprehensive information security program that includes policies, measures, awareness and metrics
- Integrating security processes into business operations and managing internal and external resources
- Develop and maintain an incident management process for the effective detection, reporting and handling of security incidents
- Carrying out analysis, containment, recovery and
Depending on the type of learner, exam preparation requires at least 10-20 hours of additional time outside the classroom.
Exam format:
- 150 multiple-choice questions
- Duration: 4 hours (240 minutes)
- Implementation: Online with remote proctoring or in an authorized test center
- Language: Available in several languages (you specify the language when registering for the exam).
- Aids: none
The course is aimed at information security professionals with at least five years of professional experience - at least three of which must be in a senior security role.
The course is ideal for CISOs, CSOs, security managers and IT and compliance officers who want to take the next step in their management career. The CISM® certification strengthens your credibility when dealing with stakeholders, colleagues and supervisory authorities - both internally and externally.
.svg)
