Eccentrix IT trainings - Microsoft, CompTIA, PeopleCert, PECB
Eccentrix IT trainings - Microsoft, CompTIA, PeopleCert, PECB

Eccentrix - Trainings catalog - Information security - Certified Information Security Manager (CS8529)

Certified Information Security Manager (CS8529)

The CISM (Certified Information Security Manager) course trains professionals to manage, develop, and oversee enterprise-level information security programs while ensuring alignment with business objectives. It covers four key areas: Information Security Governance, Risk Management, Program Development and Management, and Incident Response. This certification is ideal for IT managers, consultants, and compliance officers looking to deepen their expertise in security management.

  • Duration: 5 days / 35 hours
Details

Related trainings

Exclusives

  • Video recording: 365 days of access to your course for viewing
  • Class material: Delivered in digital format for everyone, downloadable, accessible during and after the training
  • Proof of attendance: Digital badge and completion certificate available for all participants
  • Fast and guaranteed private class delivery: Maximum wait of 4 to 6 weeks after registration, guaranteed date

Applicable solutions

THE LEARNING PASSPORTS
Learning Passports optimize your training budget by providing access to comprehensive solutions, discounts, and free courses, ensuring flexibility and value.

Private class

Reserve this training exclusively for your organization with pricing adapted to the number of participants. Our pricing for private training is determined based on the size of your group, with a minimum number of participants required for the training to be held.

  • Volume-based pricing discount according to the number of participants
  • Training delivered in an environment dedicated to your team
  • Scheduling flexibility according to your availability
  • Enhanced interaction among colleagues from the same organization
  • Same exclusive benefits as our public training sessions

How to get a proposal?

Use the request form by specifying the number of participants. We will quickly send you a complete quote with the exact pricing, available dates, and details of all the benefits included in your private training.

Ask for a proposal

Training plan

  • Importance of Information Security Governance
  • Desired Outcomes of Good Information Security
  • Governance
  • Responsibility for Information Security Governance
  • Steps for Establishing Governance
  • Governance Framework
  • Top-Down and Bottom-Up Approaches
  • Key Aspects from the CISM Exam Perspective
  • A Note on the Practice Questions
  • Organizational Culture
  • Acceptable Usage Policy
  • Ethics Training
  • Legal, Regulatory, and Contractual Requirements
  • Key Aspects from the CISM Exam Perspective
  • Retention of Business Records
  • Electronic Discovery
  • Key Aspects from the CISM Exam Perspective
  • Organizational Structure
  • Board of Directors
  • Security Steering Committee
  • Reporting of Security Functions
  • Centralized vis-à-vis Decentralized Security Functioning
  • Information Security Roles and Responsibilities
  • RACI Chart
  • Board of Directors
  • Senior Management
  • Business Process Owners
  • Steering Committee
  • Chief Information Security Officer
  • Chief Operating Officer
  • Data Custodian
  • Communication Channel
  • Indicators of a Security Culture
  • Key Aspects from the CISM Exam Perspective
  • Maturity Model
  • Key Aspects from the CISM Exam Perspective
  • Governance of Third-Party Relationships
  • Information Security Governance Metrics
  • The Objective of Metrics
  • Technical Metrics vis-à-vis Governance-Level Metrics
  • Characteristics of Effective Metrics
  • Information Security Strategy and Plan
  • Information Security Policies
  • Key Aspects from the CISM Exam Perspective
  • Information Governance Frameworks and Standards
  • The Objective of Information Security Governance
  • Information Security/Cybersecurity Management Frameworks
  • The IT Balanced Scorecard
  • Information Security Programs
  • Key Aspects from the CISM Exam Perspective
  • Enterprise Information Security Architecture
  • Challenges in Designing the Security Architecture
  • Benefits of Security Architecture
  • Key Aspects from the CISM Exam Perspective
  • Awareness and Education
  • Increasing the Effectiveness of Security Training
  • Key Aspects from the CISM Exam Perspective
  • Governance, Risk Management, and Compliance
  • Key Aspects from the CISM Exam Perspective
  • Senior Management Commitment
  • Information Security Investment
  • Strategic Alignment
  • Key Aspects from the CISM Exam Perspective
  • Business Case and Feasibility Study
  • Understanding Risk
  • Key Aspects from the CISM Exam Perspective
  • Differentiating Risk Identification, Risk Analysis, and Risk
  • Evaluation
  • Risk Management
  • Risk Assessment
  • Risk Analysis
  • Risk Evaluation
  • Differentiating Risk Capacity, Risk Appetite, and Risk Tolerance
  • Key Aspects from the CISM Exam Perspective
  • Inherent Risk and Residual Risk
  • Inherent Risk
  • Residual Risk
  • Differentiating between Inherent Risk and Residual Risk
  • Key Aspects from the CISM Exam Perspective
  • Phases of Risk Management
  • Phases of Risk Management
  • The Outcome of a Risk Management Program
  • Key Aspects from the CISM Exam Perspective
  • Risk Awareness
  • Tailored Awareness Programs
  • Training Effectiveness
  • Awareness Training for Senior Management
  • Key Aspects from the CISM Exam Perspective
  • Risk Assessment
  • Phases of Risk Assessment
  • Key Aspects from the CISM Exam Perspective
  • Risk Identification
  • Risk Identification Process
  • Asset Identification
  • Asset Valuation
  • Aggregated and Cascading Risk
  • Key Aspects from the CISM Exam Perspective
  • Risk Analysis
  • Quantitative Risk Analysis
  • Qualitative Risk Analysis
  • Semi-Quantitative Risk Analysis
  • The Best Method for Risk Analysis
  • Annual Loss Expectancy
  • Value at Risk (VaR)
  • OCTAVE
  • Other Risk Analysis Methods
  • Key Aspects from the CISM Exam Perspective
  • Risk Evaluation
  • Risk Ranking
  • Risk Register
  • Emerging Risk and the Threat Landscape
  • Emerging Threats
  • Advanced Persistent Threats
  • Vulnerability and Control Deficiency
  • Key Aspects from the CISM Exam Perspective
  • Security Baselines
  • Risk Communication
  • Risk Treatment/Risk Response Options
  • Risk Mitigation
  • Risk Sharing/Transferring
  • Risk Avoidance
  • Risk Acceptance
  • Key Aspects from the CISM Exam Perspective
  • Risk Ownership and Accountability
  • Key Aspects from the CISM Exam Perspective
  • Risk Monitoring and Communication
  • Risk Reporting
  • Key Risk Indicators
  • Reporting Significant Changes in Risk
  • Key Aspects from the CISM Exam Perspective
  • Implementing Risk Management
  • Risk Management Process
  • Integrating Risk Management into Business Processes
  • Prioritization of Risk Response
  • Defining a Risk Management Framework
  • Defining the External and Internal Environment
  • Determining the Risk Management Context
  • Gap Analysis
  • Cost-Benefit Analysis
  • Other Kinds of Organizational Support
  • Key Aspects from the CISM Exam Perspective
  • Change Management
  • Objectives of Change Management
  • Approval from the System Owner
  • Regression Testing
  • Involvement of the Security Team
  • Preventive Controls
  • Key Aspects from the CISM Exam Perspective
  • Patch Management
  • Key Aspects from the CISM Exam Perspective
  • Operational Risk Management
  • Recovery Time Objective
  • Recovery Point Objective
  • Difference between RTO and RPO
  • Service Delivery Objective
  • Maximum Tolerable Outage
  • Allowable Interruption Window
  • Risk Management Integration with Life Cycle
  • System Development Life Cycle
  • Information Security Program Overview
  • Ideal Outcomes of an Information Security Program
  • The Starting Point of a Security Program
  • Information Security Charter
  • Support from Senior Management
  • Defense in Depth
  • Key Aspects from the CISM Exam Perspective
  • Information Security Program Resources
  • Information Asset Identification and Classification
  • Benefits of Classification
  • Understanding the Steps Involved in Classification
  • Success Factors for the Effective Classification of Assets
  • Criticality, Sensitivity, and Impact
  • Assessment
  • Business Dependency Assessment
  • Risk Analysis
  • Business Interruptions
  • Key Aspects from the CISM Exam Perspective
  • Information Asset Valuation
  • Determining the Criticality of Assets
  • Key Aspects from the CISM Exam Perspective
  • Industry Standards and Frameworks for Information
  • Security
  • Framework – Success Factors
  • Some Industry-Recognized Frameworks
  • Key Aspects from the CISM Exam Perspective
  • Information Security Policies, Procedures, and Guidelines
  • Reviewing and Updating Documents
  • Key Aspects from the CISM Exam Perspective
  • Defining an Information Security Program Roadmap
  • Gap Analysis
  • The Value of a Security Program
  • Integration of the Security Program with Other Departments
  • Key Aspects from the CISM Exam Perspective
  • Information Security Program Metrics
  • Objective of Metrics
  • Monitoring
  • Attributes of Effective Metrics
  • Information Security Objectives and Metrics
  • Useful Metrics for Management
  • Information Security Control Design and Selection
  • Countermeasures
  • General Controls and Application-Level Controls
  • Control Categories
  • Failure Modes – Fail Closed or Fail Open
  • Continuous Monitoring
  • Key Aspects from the CISM Exam Perspective
  • Security Baseline Controls
  • Developing a Security Baseline
  • Key Aspects from the CISM Exam Perspective
  • Information Security Awareness and Training
  • Key Aspects from the CISM Exam Perspective
  • Management of External Services and Relationships
  • Evaluation Criteria for Outsourcing
  • Steps for Outsourcing
  • Outsourcing – Risk Reduction Options
  • Provisions for Outsourcing Contracts
  • The Security Manager’s Role in Outsourcing
  • Service-Level Agreements
  • Right-to-Audit Clause
  • Impact of Privacy Laws on Outsourcing
  • Subcontracting/Fourth Party
  • Compliance Responsibility
  • Key Aspects from the CISM Exam Perspective
    Documentation
  • Information Security Program Objectives
  • Key Aspects from the CISM Exam Perspective
  • Security Budget
  • Key Aspects from the CISM Exam Perspective
  • Security Program Management and Administrative Activities
  • Information Security Team
  • Acceptable Usage Policy
  • Documentation
  • Project Management
  • Program Budgeting
  • Plan – Do – Check – Act
  • Security Operations
  • Key Aspects from the CISM Exam Perspective
  • Privacy Laws
  • Cloud Computing
  • Cloud Computing – Deployment Models
  • Types of Cloud Services
  • Cloud Computing – the Security Manager’s Role
  • Information Security Architecture
  • Key Aspects from the CISM Exam Perspective
  • Architecture Implementation
  • Key Aspects from the CISM Exam Perspective
  • Access Control
  • Mandatory Access Control
  • Discretionary Access Control
  • Role-Based Access Control
  • Degaussing (Demagnetizing)
  • Key Aspects from the CISM Exam Perspective
  • Virtual Private Networks
  • VPNs – Technical Aspects
  • Advantages of a VPN
  • VPN Security Risks
  • Virtual Desktop Environments
  • Key Aspects from the CISM Exam Perspective
  • Biometrics
  • Biometrics – Accuracy Measure
  • Biometric Sensitivity Tuning
  • Control over the Biometric Process
  • Types of Biometric Attacks
  • Factors of Authentication
  • Password Management
  • Key Aspects from the CISM Exam Perspective
  • Wireless Networks
  • Encryption
  • Enabling MAC Filtering
  • Disabling a Service Set Identifier
  • Disabling Dynamic Host Configuration Protocol
  • Common Attack Methods and Techniques for Wireless Networks
  • Key Aspects from the CISM Exam Perspective
  • Different Attack Methods for Information Security
  • Firewall Types and Implementations
  • Types of Firewalls
  • Types of Firewall Implementation
  • Placement of Firewalls
  • Source Routing
  • Firewall Types and Their Corresponding OSI Layers
  • Key Aspects from the CISM Exam Perspective
  • Intrusion Detection Systems and Intrusion Prevention Systems
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Difference between IDSs and IPSs
  • Honeypots and Honeynets
  • Key Aspects from the CISM Exam Perspective
  • Digital Signatures
  • Steps for Creating a Digital Signature
  • What is a Hash or a Message Digest?
  • Key Aspects from the CISM Exam Perspective
  • Public Key Infrastructure
  • PKI Terminology
  • Processes Involved in PKI
  • CA versus RA
  • Single Point of Failure
  • Functions of an RA
  • Key Aspects from the CISM Exam Perspective
  • Cryptography
  • Symmetric Encryption vis-à-vis Asymmetric Encryption
  • Encryption Keys
  • The Use of Keys for Different Objectives
  • Key Aspects from the CISM Exam Perspective
  • Penetration Testing
  • Aspects to be Covered within the Scope of Penetration Testing
  • Types of Penetration Tests
  • White Box Testing and Black Box Testing
  • Risks Associated with Penetration Testing
  • Incident Management and Incident Response Overview
  • The Relationship between Incident Management and Incident
    Response
  • The Objectives of Incident Management
  • Phases of the Incident Management Life Cycle
  • Incident Management, Business Continuity, and Disaster
    Recovery
  • Incident Management and the Service Delivery Objective
  • Maximum Tolerable Outage (MTO) and Allowable Interruption
    Window (AIW)
  • Key Aspects from the CISM Exam Perspective
  • Incident Management and Incident Response Plans
  • Elements of the IRP
  • Gap Analysis
  • Business Impact Analysis
  • Escalation Process
  • Help Desk/Service Desk Process for the Identification of
  • Incidents
  • Incident Management and Response Teams
  • Incident Notification Process
  • Challenges in Developing an Incident Management Plan
  • Key Aspects from the CISM Exam Perspective
  • Business Continuity and Disaster Recovery Procedures
  • Phases of Recovery Planning
  • Recovery Sites
  • Continuity of Network Services
  • Key Aspects from the CISM Exam Perspective
  • Insurance
  • Key Aspects from the CISM Exam Perspective
  • Incident Classification/Categorization
  • Help/Service Desk Processes for Identifying Security Incidents
  • Testing Incident Response, BCP, and DRP
  • Types of Tests
  • Effectiveness of Tests
  • Category of Tests
  • Recovery Test Metrics
  • Success Criteria for Tests
  • Incident Management Tools and Technologies
  • Incident Management Systems
  • Personnel
  • Audits
  • Outsourced Security Providers
  • Executing Response and Recovery Plans
  • Key Aspects from the CISM Exam Perspective
  • Incident Containment Methods
  • Incident Response Communications
  • Incident Eradication
  • Recovery
  • Post-Incident Activities and Investigations
  • Identifying the Root Cause and Taking Corrective Action
  • Documenting Events
  • Chain of Custody
  • Key Aspects from the CISM Exam Perspective
  • Incident Response Procedures
  • The Outcome of Incident Management
  • The Role of the Information Security Manager
  • Security Information and Event Management
  • Key Aspects from the CISM Exam Perspective
  • Incident Management Metrics and Indicators
  • Key Performance Indicators and Key Goal Indicators
  • Metrics for Incident Management
  • Reporting to Senior Management
  • The Current State of Incident Response Capabilities
  • History of Incidents
  • Threats and Vulnerabilities
  • Threats
  • Vulnerabilities

Recommended prerequisite knowledge

To take the CISM training, it’s recommended to have prior professional experience in information security management, particularly in areas like security governance, risk management, and incident response. Typically, several years of experience in these fields are helpful for understanding the concepts covered.

While no specific qualifications are required before attending the course, a basic understanding of IT security practices and business management is strongly advised to maximize learning.

Credentials and certification

Exam features

  • Preparation for the Certified Information Systems Manager Certification
  • Cost: 760 USD
  • Questions Format: Multiple choice
  • Duration: 4 hours
  • Number of Questions: 150
  • Passing Score: 450/800

Exam topics

  • Information Security Governance – Developing and managing a security governance framework aligned with business objectives.
  • Information Security Risk Management – Identifying and managing security risks.
  • Information Security Program Development and Management – Creating and maintaining a security program that supports the business.
  • Information Security Incident Management – Planning and responding to security incidents.

All details >>

CISM Training for certification

The Certified Information Security Manager (CISM) (CS8529) training is designed for IT professionals and security managers aiming to gain advanced expertise in managing enterprise information security programs. Recognized globally, this ISACA certification validates your ability to design, implement, and manage an organization’s security initiatives. This training focuses on four key domains: governance, risk management, program development, and incident response.

Participants will engage in practical exercises and real-world case studies to prepare for the CISM certification exam. This credential demonstrates your capability to lead and align security strategies with organizational objectives.

Why Choose the CISM Certification Training?

In today’s digital landscape, organizations face increasing cybersecurity threats that demand skilled security managers. The CISM certification validates your leadership skills in managing and optimizing enterprise-level security programs, ensuring compliance and resilience against cyber risks.

This training equips you with the expertise to assume strategic roles such as IT security manager, information risk consultant, and compliance officer. The CISM credential enhances your professional credibility and career prospects in the competitive field of information security.

Key Skills Developed in the Training

  1. Comprehensive understanding of information security management
    Gain mastery of governance, risk management, and security program development aligned with business objectives.

  2. Risk assessment and mitigation strategies
    Learn to evaluate and address information security risks effectively.

  3. Designing and managing security programs
    Develop skills to create robust security frameworks tailored to organizational needs.

  4. Incident management and response
    Acquire expertise in responding to and recovering from security breaches and incidents.

  5. Compliance and regulatory alignment
    Ensure that security measures comply with legal, regulatory, and organizational standards.

  6. Preparation for the CISM certification exam
    Equip yourself with the knowledge and tools to succeed in the CISM exam confidently.

Interactive Training by Certified Instructors

This CISM training is led by ISACA-certified instructors with extensive experience in enterprise security management. Participants benefit from interactive sessions, practical exercises, and insights into real-world challenges that bridge theoretical knowledge with application.

Who Should Attend?

This training is ideal for:

  • IT professionals managing information security programs
  • Security consultants focusing on enterprise-level risk management
  • IT managers responsible for aligning security with business objectives
  • Individuals preparing for the CISM certification exam

Elevate Your Career with CISM Certification

The Certified Information Security Manager (CISM) (CS8529) training equips you with the skills to lead and manage enterprise security programs effectively. Enroll today to earn a globally recognized certification and advance your career in information security management.

Frequently asked questions - CISM certification training (FAQ)

The training includes governance, risk management, security program development, and incident response.

Candidates must have five years of work experience in information security, with three years in management roles.

The certification validates advanced management skills in information security, enhancing career opportunities.

Yes, the course content is fully aligned with ISACA’s CISM exam objectives.

The CISM is globally recognized and valued by organizations across various industries.

Request form for a private class training

Dear Customer,

We thank you for your interest in our services. Here is the important information that will be provided to us upon completion of this form:

Training name: Certified Information Security Manager (CS8529)

Language: English

Duration: 5 days / 35 hours

Number of participants from your organization *

Minimum number of participants: 6

Organization name *
Your first and last name *
Telephone number *
Professional email *
Please provide a work or professional email address.
How did you hear about us? *
Comments or Remarks
The General Conditions are accessible on this page.

Eccentrix IT trainings - Microsoft, CompTIA, PeopleCert, PECB

Our website uses cookies to personalize your browsing experience. By clicking ‘I accept,’ you consent to the use of cookies.

I accept
Details