CISM Classroom

CISM Classroom

 

Course Fees vary by region - for CISM course fees in your regions visit the ALC Global website

Register Now!

CISM™ Certified Information Security Manager 5 Day Intensive Classroom Course

ALC's Classroom CISM offers the most comprehensive and intensive CISM training and exam preparation available.

Presented by international security expert Krag Brotby, lead author of the official ISACA CISM Review manual, this 5-day program provides an intense environment in which participants can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. In the process the course provides outstanding preparation for the CISM exam.

Next dates (click to register)

Ottawa (Canada) 26-30 May 2008
Atlanta GA (USA) 6-10 October 2008
Toronto (Canada) 13-17 October 2008
Washington DC (USA) 20-24 October 2008
Los Angeles CA (USA) 27-31 October 2008
Singapore (Singapore) 3-7 November 2008
Sydney (Australia) 10-14 November 2008

The ISACA® Certified Information Security Manager™ is the fastest growing and arguably the most prestigious qualification available for Information Security managers today.

CISM properly recognises that security is first and foremost a management rather than a technical issue. CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice.

Background to the CISM Qualification

CISM has evolved from a comprehensive analysis of the tasks performed by, and knowledge areas that are required of, successful information security managers around the world. Five core competencies have been identified:

  1. Information Security Governance
  2. Risk Management
  3. Information Security Program Management
  4. Information Security Management
  5. Response Management

The CISM qualification has been created to measure and validate the attainment of international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and consulting services.

Who Should Earn the CISM Designation?

CISM is more than an entry-level certification. It is specifically developed for the information security professional who has acquired experience working on the front lines of information security. Individuals with three years or more of experience managing the information security function of an enterprise or performing such duties will find CISM tailored to their knowledge and skills.

Benefits of CISM Certification

  • Recognition of attainment of advanced job skills as required for an information security professional
  • Worldwide recognition as an information security manager
  • Opportunity to build upon existing certifications/credentials already earned
  • Provides tangible evidence of career growth
  • Potential for a salary increase and/or promotion

Exclusive Warranty

This course is the result of extensive research and development combined with high-level expertise. ALC backs the quality of this course unreservedly with an exclusive warranty. If for whatever reason the unthinkable should happen and you do not pass the CISM exam the first time, you are entitled to re-sit the entire course, or any part thereof, for free on any subsequent date.

Course Objectives

This course has been independently commissioned with two objectives:
1. To provide an environment in which security professionals can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. Whether or not you intend to sit for the CISM exam, this course is a powerful way to equip yourself with the knowledge of the five core competencies that define the successful information security manager.
2. To maximise your prospects at the CISM exam if you choose to sit it.

Who Should Attend

The CISM designation is for Information Security professionals who have 3-5 years of front-line experience with the security of information. This credential is geared towards Information Security managers and those who have information security management responsibilities.

Course Structure

This 5-day course is structured to follow the CISM review manual and examination flow. A full day is provided for each of the core competencies and associated task and knowledge statements, thereby ensuring a detailed and thorough coverage of all areas that will be tested. The fundamental thrust of the examination is on understanding the concepts, not on memorising facts. As a result, the course will be presented in an interactive manner to ensure the underlying concepts are understood and examination questions can be analysed properly to achieve the correct answer.

Credits for Other Qualifications

If you have other security qualifications you may be entitled to a one, or even two, year experience waiver. Please refer to our website for details.

What You Receive

  • Official CISM Review Manual
  • CISM 100-Question Practice Test Manual
  • A structured program of assignments and exercises to complete after the course and before the exam
  • Email support after the course (up to two hours per participant)
  • Exclusive 2-hour exam-prep webinar with Krag Brotby

CISM Exam

Next Exam: Saturday 14 June 2008
Registration Deadline: Wednesday 9 April 2008
The CISM exam is set, administered and marked by ISACA, the Information Systems Audit and Control Association® (www.isaca.org) with chapters in more than 220 countries worldwide.

The CISM exam is held twice per year and consists of 200 multiple-choice questions that cover the CISM job practice areas. Comprehensive information is available in the 16-page PDF "CISM Exam Bulletin of Information" which can be downloaded from the ISACA web site or from the CISM page on our own web site.

You must register for the exam directly with ISACA. It is absolutely essential that you register by the Exam Closing Date. ISACA does not accept late registrations under any circumstances. You can register online at http://www.isaca.org/examreg/

1. Information Security Governance and Strategy

1. Introduction

  • Definition
  • Objectives
  • Tasks
  • Overview

2. Topics

  • Effective Information Security Governance
  • Key Information Security Concepts and Issues
  • The IS Manager _ Scope and Charter of Information Security Governance
  • IS Governance Metrics
  • Developing an IS Strategy – Common Pitfalls
  • IS Strategy Objectives
  • Determining Current State of Security
  • Strategy Resources
  • Strategy Constraints
  • Action Plan Immediate Goals
  • Action Plan Intermediate Goals

Practice Questions

Review of Practice Questions

Reference Materials and Glossary

2. Risk Management

1. Introduction

  • Definition
  • Objective
  • Tasks
  • Overview

2. Topics

  • Effective Information Security Risk Management
  • Integration into Life Cycle Processes
  • Implementing Risk Management
  • Risk Identification and Analysis Methods
  • Mitigation Strategies and Prioritisation
  • Reporting Changes to Management

Practice Questions

Review of Practice Questions

Reference Materials and Glossary

3. Information Security Programme Management

1. Introduction

  • Definition
  • Objectives
  • Tasks
  • Overview

2. Topics

  • Planning
  • Security Baselines
  • Business Processes
  • Infrastructure
  • Malicious Code (Malware)
  • Life Cycles
  • Impact on End Users
  • Accountability
  • Security Metrics
  • Managing Internal and External Resources

Practice Questions

Review of Practice Questions

Reference Materials and Glossary

4. Information Security Management

1. Introduction

  • Definition
  • Objective
  • Tasks
  • Overview

2. Topics

  • Implementing Effective Information Security Management
  • Security Controls and Policies
  • Standards and Procedures
  • Trading Partners and Service Providers
  • Security Metrics and Monitoring
  • The Change Management Process
  • Vulnerability Assessments
  • Due Diligence
  • Resolution of Non-Compliance Issues
  • Culture, Behaviour and Security Awareness

Practice Questions

Review of Practice Questions

Reference Materials and Glossary

5. Response Management

1. Introduction

  • Definition
  • Objectives
  • Tasks
  • Overview

2. Topics

  • Performing a Business Impact Analysis
  • Developing Response and Recovery Plans
  • Incident Response Processes
  • Testing the Response and Recovery Plans
  • Executing Response and Recovery Plans
  • Documenting Events
  • Post Event Reviews

Practice Questions

Review of Practice Questions

Reference Materials and Glossary

CISM Classroom Dates

Washington DC (USA) 14-18 April 2008
Chicago IL (USA) 21-25 April 2008
Sydney (Australia) 5-9 May 2008
Singapore (Singapore) 12-16 May 2008
Manilla (Philippines) 19-23 May 2008
Ottawa (Canada) 26-30 May 2008
Atlanta GA (USA) 6-10 October 2008
Toronto (Canada) 13-17 October 2008
Washington DC (USA) 20-24 October 2008
Los Angeles CA (USA) 27-31 October 2008
Singapore (Singapore) 3-7 November 2008
Sydney (Australia) 10-14 November 2008
Brisbane (Australia) 17-21 November 2008
Wellington (New Zealand) 24-28 November 2008

Register now.

Any Questions? Click Here...