Earn the world’s premier cybersecurity management certification, the ISACA CISM
- 40 hours of live, expert instruction with ten evening classes
- Hands-on risk management labs to provide you with real-world experience
- Full access to the official ISACA CISM Training Materials
- Lifetime access to recorded video lessons
- Digital copies of CISM prep materials
- ISACA membership
- Fully paid exam voucher
- Exam scheduling assistance
- Guided study sessions
- First-time pass guarantee – we will pay for your next exam attempt if you don’t pass on your first attempt
Class will run on Saturdays and Sundays, September 23 – 24, September 30 – October 1 and October 7 – 8, from 11:00am – 06:00pm ET, live through Zoom.
ISACA CISM Bootcamp Overview
This CISM Boot Camp is designed for experienced information security managers and other professionals who manage, design, oversee or assess an enterprise’s information security.
The training prepares you for the CISM examination by testing your knowledge and your ability to apply it to real-world scenarios. You will gain in-depth knowledge of security governance, risk management, security program development and management, and security incident management. The boot camp has been updated to align with the new CISM job practice areas and is designed to fully prepare you to pass the challenging CISM exam.
CISM training objectives
The CISM certification promotes international practices and validates your knowledge and experience around effective security management and consulting. The four CISM domains include:
- Security governance: To effectively address the challenges of protecting an organization’s assets, senior management must define the desired outcomes of the information security program.
- Risk management: Asset classification and valuation is an essential part of an effective risk management program — the greater the value, the greater the impact, the greater the risk.
- Information security program development and management: The purpose of this area is to implement management’s governance strategy — the “due diligence” and “due care” of protecting the corporation’s assets.
- Information security incident management: This area focuses on effectively managing unexpected (and expected) events, which may or may not be disruptive, and can be summed up in five words: identify, protect, detect, respond and recover.
What you’ll learn
- Information security governance
- The role of an information security steering group
- Legal and regulatory issues associated with internet businesses, global transmissions and transborder data flows
- Common insurance policies and imposed conditions
- Information security process improvement
- Recovery time objectives (RTO) for information resources
- Cost-benefit analysis techniques for mitigating risks to acceptable levels
- Security metrics design, development and implementation
- Information security management due diligence activities and reviews of the infrastructure
- Events affecting security baselines that may require risk reassessments
- Changes to information security requirements in security plans, test plans and reperformance
- Disaster recovery testing for infrastructure and critical business applications
- External vulnerability reporting sources
- CISM information classification methods
- Life-cycle-based risk management principles and practices
- Security baselines and configuration management in the design and management of business applications and infrastructure
- Acquisition management methods and techniques
- Evaluation of vendor service level agreements and preparation of contracts
Who should attend?
- Information security managers
- Information security consultants
- Chief information officers
- Chief information security officers
- Anyone interested in learning information security management skills and getting certified
Meet your Instructor: Jim Hollis
Jim Hollis is an instructor with over 25 years of technical knowledge and cybersecurity training and development experience. He is proud to have provided instruction to over 15,000 students in the past 21 years, and he appreciates the opportunity to educate students on all aspects of IT. He personally has been teaching cybersecurity for more than 25 years at various colleges and universities.