CISM | Certified Information Security Manager
 
Designed for IT professionals with technical expertise and experience in IS/IT security and control looking to transition from team player to manager. CISM can add credibility and confidence to interactions with internal and external stakeholders, peers and regulators.
This certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need.
There are 150 Questions on the exam which must be completed in four hours. It is available online via remote proctoring and at in-person testing centers where available.
 
Audience profile
CISM is intended for information security professionals with at least five years of relevant work experience and at least three years in the role of information security manager.
Job titles include:
CISO
CSO
Security Director/Manager/Consultant
IT Director/Manager/Consultant
Compliance/Risk/Privacy Director and Manager
 
CPE Overview
To maintain your CISM, you must earn and report a minimum of 120 CPE hours every three-year reporting cycle and at least 20 hours annually. CISM awards up to one hour of CPE for every one hour of instructor led training. Online review course earns 20 CPEs and Virtual Instructor-Led Training (VILT) earns 14 CPEs.
 
Outline Course
Domain 1: Information Security Governance
Enterprise Governance Overview
Organizational Culture, Structures, Roles and Responsibilities
Legal, Regulatory and Contractual Requirements
Information Security Strategy
Information Governance Frameworks and Standards
Strategic Planning
Domain 2: Information Security Risk Management
Risk and Threat Landscape
Vulnerability and Control Deficiency Analysis
Risk Assessment, Evaluation and Analysis
Information Risk Response
Risk Monitoring, Reporting and Communication
Domain 3: Information Security Program
IS Program Development and Resources
IS Standards and Frameworks
Defining an IS Program Road Map
IS Program Metrics
IS Program Management
IS Awareness and Training
Integrating the Security Program with IT Operations
Program Communications, Reporting and Performance Management
Domain 4: Incident Management
Incident Management and Incident Response Overview
Incident Management and Response Plans
Incident Classification/Categorization
Incident Management Operations, Tools and Technologies
Incident Investigation, Evaluation, Containment and Communication
Incident Eradication, Recovery and Review
Business Impact and Continuity
Disaster Recovery Planning
Training, Testing and Evaluation
 
Descargue el temario para conocer el detalle completo de los contenidos.
 
Debido a las constantes actualizaciones de los contenidos de los cursos por parte del fabricante, el contenido de este temario puede variar con respecto al publicado en el sitio oficial, sin embargo, Netec siempre entregará la versión actualizada de éste.