Certified Information Security Manager (CISM®) Online Review Course - Self paced

Length 365 days access
Price $2269 inc GST

Course overview

Book now

Why study this course

The Certified Information Security Manager (CISM®) certification distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program. The uniquely management-focused CISM certification promotes international security practices and recognises the individual who manages, designs, oversees and assesses an enterprise’s information security.

The self-paced CISM Online Review Course is an online preparation course that prepares learners to pass the CISM certification exam using proven instructional design techniques and interactive activities. The course covers all four of the CISM domains, and each section corresponds directly to the CISM Exam Content Outline.

The course incorporates video, narrated interactive eLearning modules, downloadable, interactive workbooks, downloadable job aids, case study activities, and a practice exam. Learners will be able to navigate the course at their own pace, following a recommended structure, or target preferred job practice areas. Learners may also start and stop the course based on their study schedule, picking up exactly where they left off the next time they access the course.

This course has a seat time of approximately 16 hours and is accessed via the Learning Access tab of your MyISACA dashboard. 

Please note: The exam is not included in the course fee but can be purchased separately. Please contact us for a quote.

Request Course Information

What you’ll learn

After completing this course, participants should be able to:

Explain the relationship between executive leadership, enterprise governance and information security governance
Outline the components used to build an information security strategy
Explain how the risk assessment process influences the information security strategy
Articulate the process and requirements used to develop an effective information risk response strategy
Describe the components of an effective information security program
Explain the process to build and maintain an enterprise information security program
Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident
Outline methods to measure and improve response and recovery capabilities

ISACA at Lumify Work

ISACA provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Through its comprehensive guidance and services, ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.

Lumify Work is an Accredited Elite Partner of ISACA.

View all ISACA courses

Who is the course for?

This course is designed for IT professionals with technical expertise and experience in IS/IT security and control looking to transition from team player to manager, including:

Senior Executives
IT Managers
Information Security Professionals
IT Software System and Application Developers
IT Auditors

Course subjects

Domain 1 - Information Security Governance

Describe the role of governance in creating value for the enterprise.
Explain the importance of information security governance in the context of overall enterprise governance.
Describe the influence of enterprise leadership, structure and culture on the effectiveness of an information security strategy.
Identify the relevant legal, regulatory and contractual requirements that impact the enterprise.
Describe the effects of the information security strategy on enterprise risk management.
Evaluate the common frameworks and standards used to govern an information security strategy.
Explain why metrics are critical in developing and evaluating the information security strategy.

Domain 2 - Information Security Risk Management

Apply risk assessment strategies to reduce the impact of information security risk.
Assess the types of threats faced by the enterprise.
Explain how security control baselines affect vulnerability and control deficiency analysis.
Differentiate between application of risk treatment types from an information security perspective.
Describe the influence of risk and control ownership on the information security program.
Outline the process of monitoring and reporting information security risk.

Domain 3 - Information Security Program

Outline the components and resources used to build an information security program.
Distinguish between common IS standards and frameworks available to build an information security program.
Explain how to align IS policies, procedures and guidelines with the needs of the enterprise.
Describe the process of defining an IS program road map.
Outline key IS program metrics used to track and report progress to senior management.
Explain how to manage the IS program using controls.
Create a strategy to enhance awareness and knowledge of the information security program.
Describe the process of integrating the security program with IT operations and third-party providers.
Communicate key IS program information to relevant stakeholders.

Domain 4 - Incident Management

Distinguish between incident management and incident response
Outline the requirements and procedures necessary to develop an incident response plan.
Identify techniques used to classify or categorise incidents.
Outline the types of roles and responsibilities required for an effective incident management and response team
Distinguish between the types of incident management tools and technologies available to an enterprise.
Describe the processes and methods used to investigate, evaluate and contain an incident.
Identify the types of communications and notifications used to inform key stakeholders of incidents and tests.
Outline the processes and procedures used to eradicate and recover from incidents.
Describe the requirements and benefits of documenting events.
Explain the relationship between business impact, continuity and incident response.
Describe the processes and outcomes related to disaster recovery.
Explain the impact of metrics and testing when evaluating the incident response plan.

Prerequisites

It is recommended that you have 3-5 years of information security experience.

To earn the CISM certification, students must pass the CISM Exam and also meet the additional criteria as determined by ISACA.

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Looking for more course options?

View all ISACA courses View all Cyber Security courses

Offers

Continue your learning experience online with Lumify Plus
Lumify Plus (formerly DDLS Plus) is your online learning pathway to extend knowledge beyond courses. Get resources to help you practice what you learned and prepare for future courses, exams and certifications.
Find out more
Cyber Security Executive Bundle
Lumify Work offers cyber security training to cater for all levels of your organisation - from front-line staff to highly experienced senior cyber security professionals. We’ve partnered with the leading vendors to provide the most comprehensive cyber security training solutions in Australasia.
Find out more
Cyber Risk and Audit Professional Bundle
Do you want to show you have the skills to audit, control, monitor and assess your organisation’s information technology and business systems?
Find out more
Cyber Risk and Governance Professional Bundle
Are you interested in learning how to take a holistic approach addressing cyber threats and governing risk within organisations?
Find out more