CISM: Certified Information Security Manager

$495.00 $396.00

You Can Save Big With Group Enrollment

1 - 10 Users = $396.00 (Per User)

11 - 25 Users = $336.60 (Per User)

26 - 50 Users = $252.45 (Per User)

51 - 100 Users = $159.04 (Per User)

  • Course Delivery: On Demand
  • Duration: 14.5 
  • Language: English
  • Difficulty: Intermediate


Description

The CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. CISM is globally recognized as the leading credential for information security managers. Our CISM Certified Information Security Manager course provides the student with the knowledge and proficiency to prepare for the globally recognized CISM certification exam. The CISM certification combines the achievement of passing a comprehensive exam with recognition of work, management and educational experience, providing you with greater credibility in the marketplace.

This course immerses the student in the subject, with in-depth coverage of the four domains that make up the "Body of Knowledge" for the CISM exam, and gives the student the tools to build the technical skills needed to manage, design, oversee and assess an enterprise's information security.

This course features:

Video Lectures and Expert Instruction:

Our unique delivery simulates a one-on-one classroom environment, creating a more personal learning experience. Our highly certified expert instructors possess a superior understanding of the subject matter in their fields and have the ability to convey this knowledge in an effective, engaging, and professional manner to a wide audience. Practical knowledge is essential for success in a real world environment and we have chosen our instructors with this in mind - many of our instructors are business owners and have been employed in their respective fields for decades!

Demonstrations:

The hands-on demonstrations in our training allow the student to view practical application of concepts in real-world environments. Demonstrations are a way for the instructor to present how to perform a task on-screen in front of the student. This feature gives the student the power to see tasks performed by a professional in the intended environment as many times as they would like, without purchasing expensive software.

PowerPoint Slides and Visuals:

Our courses feature PowerPoint slides to illustrate concepts and complement the expert instruction. Many of the in-depth theories and processes discussed in our courses can be learned most efficiently through the detailed PowerPoint slides we provide. These slides are accompanied by an instructor voiceover to provide our students with a clear, efficient, and complete presentation of concepts.

Student Workbooks:

Our courses feature printable Student Workbooks for every chapter. Our printable Student Workbooks are a study tool that allows students to take notes and bring the course material with them when they may not have access to a computer. Workbooks can also be used electronically to quickly review PowerPoint slides and training topics.

 

Topics Covered

This course teaches students about information security governance, information risk management, information security program development, and information security incident management.

Course Introduction - Duration: 3m

Domain 01 - Information Security Governance - Duration: 3h 48m

Lesson 1: Information Security Governance Overview

  • Information Security Governance Overview
  • Importance of Information Security Governance
  • Outcomes of Information Security Governance

Lesson 2: Effective Information Security Governance

  • Business Goals and Objectives
  • Roles and Responsibilities of Senior Management
  • Governance, Risk Management and Compliance
  • Business Model for Information Security
  • Dynamic Interconnections

Lesson 3: Information Security Concepts and Technologies

  • Information Security Concepts and Technologies
  • Technologies

Lesson 4: Information Security Manager

  • Responsibilities
  • Senior Management Commitment
  • Obtaining Senior Management Commitment
  • Establishing Reporting and Communication Channels

Lesson 5: Scope and Charter of Information Security Governance

  • Assurance Process Integration and Convergence
  • Convergence
  • Governance and Third-Party Relationships

Lesson 6: Information Security Governance Metrics

  • Metrics
  • Effective Security Metrics
  • Security Implementation Metrics
  • Strategic Alignment
  • Risk Management
  • Value Delivery
  • Resource Management
  • Performance Measurement
  • Assurance Process Integration/Convergence

Lesson 7: Information Security Strategy Overview

  • Another View of Strategy

Lesson 8: Creating Information Security Strategy

  • Information Security Strategy
  • Common Pitfalls
  • Objectives of the Information Security Strategy
  • What is the Goal?
  • Defining Objectives
  • Business Linkages
  • Business Case Development
  • Business Case Objectives
  • The Desired State
  • COBIT
  • COBIT Controls
  • COBIT Framework
  • Capability Maturity Model
  • Balanced Scorecard
  • Architectural Approaches
  • ISO/IEC 27001 and 27002
  • Risk Objectives

Lesson 9: Determining Current State Of Security

  • Current Risk
  • BIA

Lesson 10: Information Security Strategy Development

  • Elements of a Strategy
  • The Roadmap
  • Strategy Resources and Constraints

Lesson 11: Strategy Resources

  • Policies and Standards
  • Definitions
  • Enterprise Information Security Architectures
  • Controls
  • Countermeasures
  • Technologies
  • Personnel
  • Organizational Structure
  • Employee Roles and Responsibilities
  • Skills
  • Audits
  • Compliance Enforcement
  • Threat Assessment
  • Vulnerability Assessment
  • Risk Assessment
  • Insurance
  • Business Impact Assessment
  • Outsourced Security Providers

Lesson 12: Strategy Constraints

  • Legal and Regulatory Requirements
  • Physical Constraints
  • The Security Strategy

Lesson 13: Action Plan to Implement Strategy

  • Gap Analysis
  • Policy Development
  • Standards Development
  • Training and Awareness
  • Action Plan Metrics
  • General Metric Considerations
  • CMM4 Statements
  • Objectives for CMM4
  • Domain 01 Review

Domain 02 - Information Risk Management - Duration: 2h 25m

Lesson 1: Risk Management Overview

  • Types of Risk Analysis
  • The Importance of Risk Management
  • Risk Management Outcomes
  • Risk Management Strategy

Lesson 2: Good Information Security Risk Management

  • Context and Purpose
  • Scope and Charter
  • Assets
  • Other Risk Management Goals
  • Roles and Responsibilities

Lesson 3: Information Security Risk Management Concepts

  • Technologies

Lesson 4: Implementing Risk Management

  • The Risk Management Framework
  • The External Environment
  • The Internal Environment
  • The Risk Management Context
  • Gap Analysis
  • Other Organizational Support
  • Risk Analysis

Lesson 5: Risk Assessment

  • NIST Risk Assessment Methodology
  • Aggregated or Cascading Risk
  • Other Risk Assessment Approaches
  • Identification of Risks
  • Threats
  • Vulnerabilities
  • Risks
  • Analysis of Relevant Risks
  • Risk Analysis
  • Semi-Quantitative Analysis
  • Quantitative Analysis Example
  • Evaluation of Risks
  • Risk Treatment Options
  • Impact

Lesson 6: Controls Countermeasures

  • Controls
  • Residual Risk
  • Information Resource Valuation
  • Methods of Valuing Assets
  • Information Asset Classification
  • Determining Classification
  • Impact

Lesson 7: Recovery Time Objectives

  • Recovery Point Objectives
  • Service Delivery Objectives
  • Third-Party Service Providers
  • Working with Lifecycle Processes
  • IT System Development
  • Project Management

Lesson 8: Risk Monitoring and Communication

  • Risk Monitoring and Communication
  • Other Communications
  • Domain 02 Review

Domain 03 - Information Security Program Development - Duration: 4h 9m

Lesson 1: Development of Information Security Program

  • Importance of the Program
  • Outcomes of Security Program Development
  • Effective Information Security Program Development

Lesson 2: Information Security Program Objectives

  • Program Objectives
  • Defining Objectives
  • Cross Organizational Responsibilities

Lesson 3: Information Security Program Development Concepts

  • Technology Resources
  • Information Security Manager

Lesson 4: Scope and Charter of Information Security Program Development

  • Assurance Function Integration
  • Challenges in Developing Information Security Program
  • Pitfalls
  • Objectives of the Security Program
  • Program Goals
  • The Steps of the Security Program
  • Defining the Roadmap
  • Elements of the Roadmap
  • Gap Analysis

Lesson 5: Information Security Management Framework

  • Security Management Framework
  • COBIT 5
  • ISO/IEC 27001

Lesson 6: Information Security Framework Components

  • Operational Components
  • Management Components
  • Administrative Components
  • Educational and Informational Components

Lesson 7: Information Security Program Resources

  • Resources
  • Documentation
  • Enterprise Architecture
  • Controls as Strategy Implementation Resources
  • Common Control Practices
  • Countermeasures
  • Technologies
  • Personnel
  • Security Awareness
  • Awareness Topics
  • Formal Audits
  • Compliance Enforcement
  • Project Risk Analysis
  • Other Actions
  • Other Organizational Support
  • Program Budgeting

Lesson 8: Implementing an Information Security Program

  • Policy Compliance
  • Standards Compliance
  • Training and Education
  • ISACA Control Objectives
  • Third-party Service Providers
  • Integration into Lifecycle Processes
  • Monitoring and Communication
  • Documentation
  • The Plan of Action

Lesson 9: Information Infrastructure and Architecture

  • Managing Complexity
  • Objectives of Information Security Architectures
  • Physical and Environmental Controls

Lesson 10: Information Security Program

  • Information Security Program Deployment Metrics
  • Metrics
  • Strategic Alignment
  • Risk Management
  • Value Delivery
  • Resource Management
  • Assurance Process Integration
  • Performance Measurement
  • Security Baselines

Lesson 11: Security Program Services and Operational Activities

  • IS Liaison Responsibilities
  • Cross-Organizational Responsibilities
  • Security Reviews and Audits
  • Management of Security Technology
  • Due Diligence
  • Compliance Monitoring and Enforcement
  • Assessment of Risk and Impact
  • Outsourcing and Service Providers
  • Cloud Computing
  • Integration with IT Processes
  • Domain 03 Review

Domain 04 - Information Security Incident Management - Duration: 4h 20m

Lesson 1: Incident Management Overview

  • Incident Management Overview
  • Types of Events
  • Goals of Incident Management

Lesson 2: Incident Response Procedures

  • Incident Response Procedures
  • Importance of Incident Management
  • Outcomes of Incident Management
  • Incident Management
  • Concepts
  • Incident Management Systems

Lesson 3: Incident Management Organization

  • Incident Management Organization
  • Responsibilities
  • Senior Management Commitment

Lesson 4: Incident Management Resources

  • Policies and Standards
  • Incident Response Technology Concepts
  • Personnel
  • Roles and Responsibilities (eNotes)
  • Skills
  • Awareness and Education
  • Audits

Lesson 5: Incident Management Objectives

  • Defining Objectives
  • The Desired State
  • Strategic Alignment
  • Other Concerns

Lesson 6: Incident Management Metrics and Indicators

  • Implementation of the Security Program Management
  • Management Metrics and Monitoring
  • Other Security Monitoring Efforts

Lesson 7: Current State of Incident Response Capability

  • Threats
  • Vulnerabilities

Lesson 8: Developing an Incident Response Plan

  • Elements of an Incident Response Plan
  • Gap Analysis
  • BIA
  • Escalation Process for Effective IM
  • Help Desk Processes for Identifying Security Incidents
  • Incident Management and Response Teams
  • Organizing, Training, and Equipping the Response Staff
  • Incident Notification Process
  • Challenges in making an Incident Management Plan

Lesson 9: BCP/DRP

  • Goals of Recovery Operations
  • Choosing a Site Selection
  • Implementing the Strategy
  • Incident Management Response Teams
  • Network Service High-availability
  • Storage High-availability
  • Risk Transference
  • Other Response Recovery Plan Options

Lesson 10: Testing Response and Recovery Plans

  • Periodic Testing
  • Analyzing Test Results
  • Measuring the Test Results

Lesson 11: Executing the Plan

  • Updating the Plan
  • Intrusion Detection Policies
  • Who to Notify about an Incident
  • Recovery Operations
  • Other Recovery Operations
  • Forensic Investigation
  • Hacker / Penetration Methodology
  • Domain 04 Review
  • Course Closure
 

Quiz Information

Once a topic is completed, our built-in review quiz allows you to assess your progress and identify areas where additional study may be required. After this assessment, the student can go back and give extra attention to different subject areas within a topic if necessary.


Why Choose 360training.com?

  • Fast and easy course completion
  • Get an education faster than at traditional colleges!
  • 100% online - No classroom attendance required.
  • Unlimited 24x7 online customer support
  • Over 500,000 certified nationwide.