Certified Information Security Manager CISM 2018 E-Learning Kurs

Information Security Strategy Techniques
Information Security Relationship to Key Factors
Available InfoSec Governance Frameworks
Fundamental Concepts of Governance
Standards, Frameworks, and Best Practices
Governance Planning, Design, and Implementation
Integrating into Corporate Governance
Contributing Factors for InfoSec Development
Developing Business Cases
Strategic Budgetary Planning and Reporting
Exercise: Describe InfoSec Governance

Impact of Internal and External Influences
Commitment from Senior Leadership and Stakeholders
Senior Leadership and Stakeholder Communication
Responsibilities of the InfoSec Manager
Structures, Lines of Authority, and Escalation
Security Responsibilities of Organizational Staff
Monitoring Performance of InfoSec Responsibilities
Establishing Reporting and Communication Channels
Working with Key Information Security Metrics
Exercise: Define InfoSec Governance

Evaluating Impacts of Events on Information Assets
Recognizing Information Security Threat Sources

Risk Assessment and Analysis Methodologies
Prioritizing Risk Scenarios and Treatment
Realizing Risk Reporting Requirements
Risk Treatment and Response Methodologies
Comparing Control Baselines and Standards
Analyzing Information Security Controls and Methods
Information Security Gap Analysis Techniques
Risk Management for Business and IT Processes
Compliance Reporting Requirements and Processes
Performing Cost Benefit Analysis for Risk Assessment
Exercise: Define Information Risk Management

Aligning Security Programs with Business Functions
Acquiring and Managing Resource Requirements
Survey of Current and Emerging Security Technologies
Designing and Implementing Security Controls
Applying Information Security Controls and Resources
Security Standards, Procedures, and Guidelines
Regulations, Standards, Frameworks, and Practices
Implementing Information Security Standards
Exercise: Define Program Development and Control

Skills Training for Information Security Personne
Developing Security Awareness and Training Programs
Integrating Mandates into Organizational Processes
Contracts, Agreements and Third-party Management
Reviewing Third-party Contracts and Agreements
Implementing Operational Security Metrics
Testing the Effectiveness of Security Controls
Communicating Program Status to Key Stakeholders
Exercise: Describe Program Development & Management

Incident Management Concepts and Practices
Components of an Incident Response Plan
Map the BCP and DRP to the Incident Response Plan
Incident Classification and Categorization Methods
Defining Incident Containment Methods
Describing Notification and Escalation Processes
Roles and Responsibilities in Security Incidents
Incident Response Team Training, Tools and Equipment
Forensic Requirements for Handling Evidence
Exercise: Describe Security Incident Management

Incident Reporting Requirements and Procedures
Post-incident Review Practices and Investigations
Quantifying Damages, Costs and Business Impacts
Detecting, Logging, Analyzing and Documenting Events
Classifying Resources for Investigation of Incidents
Identifying Impact of Changes to the Environment
Techniques to Test the Incident Response Plan
Regulatory, Legal and Organization Requirements
KPIs and Metrics to Evaluate the Response Plan
Exercise: Define InfoSec s