CISM Course London
CISM (Certified Information Security Manager) is a key certification for information security professionals who manage, design, oversee, and assess enterprise information security. This CISM certification course, closely aligned with ISACA's best practices, helps you learn about IT security systems.
Accreditation with
World’s #1 Online Bootcamp
CISM Course Overview
You will acquire the requisite skills to design, deploy, and manage security architecture for your organization with this CISM certification training from Simplilearn. This course is aligned with ISACA best practices. Today, enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification.
Exam Pass Guarantee
Simplilearn offers an Exam Pass Guarantee* to students who complete our course training. We also provide a voucher (free of charge) to our students so they can retake the exam in case they fail the CISM Certification final exam on the first try.
100% Money Back Guarantee
No questions asked refund*
At Simplilearn, we value the trust of our patrons immensely. But, if you feel that a course does not meet your expectations, we offer a 7-day money-back guarantee. Just send us a refund request via email within 7 days of purchase and we will refund 100% of your payment, no questions asked!
At Simplilearn, we value the trust of our patrons immensely. But, if you feel that a course does not meet your expectations, we offer a 7-day money-back guarantee. Just send us a refund request via email within 7 days of purchase and we will refund 100% of your payment, no questions asked!
CISM Course Key Features
- 45+ hours of Applied Learning
- ISACA Elite Partner
- ISACA Accredited Instructors
- Official CISM® Review Questions & Explanations Database
- Official Review manual from ISACA
- 16 CPE’s offered
Skills Covered
- Information Security Governance
- Information Security Incident Management
- Design security architecture
- Knowledge of ISACA domains
- Information security programs
- Enterprise IT frameworks
Benefits
CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for security consultants and managers, IT directors and managers, security auditors and architects, security system engineers, CISOs, information security managers, and risk officers.
- Designation
- Annual Salary
- Hiring Companies
- Annual SalarySource: GlassdoorHiring CompaniesSource: Indeed
- Annual SalarySource: GlassdoorHiring CompaniesSource: Indeed
- Annual SalarySource: GlassdoorHiring CompaniesSource: Indeed
CISM Course Curriculum
Eligibility
CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for security consultants and managers, IT directors and managers, security auditors and architects, security system engineers, CISOs, information security managers, IT consultants, and risk officers.
Pre-requisites
To become a CISM certified professional or to opt for this CISM course, you need to fulfill some criteria, including - A completed application submitted within five years from the date of initially passing the examination (you must ensure that all experience is independently verified by employers).
The experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination. Three of the five years of work experience must be gained in the role of an information security manager (it must be broad and gained in three of the four CISM domains)
The experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination. Three of the five years of work experience must be gained in the role of an information security manager (it must be broad and gained in three of the four CISM domains)
Course Content
Certified Information Security Manager (CISM®)
PreviewDomain 01: Information Security Governance
03:47:44PreviewLesson One: Information Security Governance Overview
00:53Information Security Governance Overview Part One
01:12Information Security Governance Overview Part Two
02:00Information Security Governance Overview Part Three
01:22Information Security Governance Overview Part Four
01:32Information Security Governance Overview Part Five
00:29Importance of Information Security Governance Part One
01:19Importance of Information Security Governance Part Two
06:20Outcomes of Information Security Governance Part one
00:33Outcomes of Information Security Governance Part Two
01:26Outcomes of Information Security Governance Part Three
02:45Outcomes of Information Security Governance Part Four
01:27Outcomes of Information Security Governance Part Five
01:54Outcomes of Information Security Governance Part Six
01:28Lesson Two: Effective Information Security Governance
00:31Business Goals and Objectives Part One
01:31Business Goals and Objectives Part Two
02:00Roles and Responsibilities of Senior Management Part One
01:02Roles and Responsibilities of Senior Management Part Two
00:43Domain Tasks Part One
01:21Domain Tasks Part Two
03:16Business Model for Information Security Part One
00:45Business Model for Information Security Part Two
01:09Business Model for Information Security Part Three
03:16Business Model for Information Security Part Four
01:37Dynamic Interconnections Part One
00:34Dynamic Interconnections Part Two
02:55Dynamic Interconnections Part Three
01:55Dynamic Interconnections Part Four
00:51Lesson Three: Information Security Concepts and Technologies
03:26Information Security Concepts and Technologies Part One
02:58Information Security Concepts and Technologies Part Two
03:25Information Security Concepts and Technologies Part Three
01:50Technologies Part One
01:41Technologies Part Two
06:12Lesson Four: Information Security Manager
00:33Responsibilities
01:48Senior Management Commitment Part One
00:48Senior Management Commitment Part Two
02:27Obtaining Senior Management Commitment Part One
00:24Obtaining Senior Management Commitment Part Two
00:53Establishing Reporting and Communication Channels Part One
01:13Establishing Reporting and Communication Channels Part Two
01:07Lesson Five: Scope and Charter of Information Security Governance
01:55Assurance Process Integration and Convergence
02:24Convergence
02:32Governance and Third-Party Relationships
02:38Lesson Six: Information Security Governance Metrics
00:56Metrics
01:38Effective Security Metrics Part One
01:46Effective Security Metrics Part Two
01:01Effective Security Metrics Part Three
01:51Effective Security Metrics Part Four
00:39Security Implementation Metrics
01:17Strategic Alignment Part One
02:56Strategic Alignment Part Two
01:10Risk Management
01:14Value Delivery
01:02Resource Management Part One
00:47Resource Management Part Two
00:41Performance Measurement
03:06Assurance Process Integration/Convergence
02:54Lesson Seven: Information Security Strategy Overview
00:53Another View of Strategy
00:41Lesson Eight: Creating Information Security Strategy
00:16Information Security Strategy
01:22Common Pitfalls Part One
04:38Common Pitfalls Part Two
02:19Objectives of the Information Security Strategy
01:33What is the Goal?
01:40Defining Objectives
01:23Business Linkages
01:48Business Case Development Part One
01:44Business Case Development Part Two
02:36Business Case Development Part Three
00:45Business Case Objectives
00:57The Desired State
01:48COBIT
01:08COBIT Controls
01:09COBIT Framework
00:48Capability Maturity Model
01:38Balanced Scorecard
01:22Architectural Approaches
01:03ISO/IEC 27001 and 27002
01:00Risk Objectives Part One
01:39Risk Objectives Part Two
03:11Lesson Nine: Determining Current State Of Security
00:45Current Risk Part One
02:37Current Risk Part Two
01:11BIA
01:11Lesson Ten: Information Security Strategy Development
01:52The Roadmap
01:01Elements of a Strategy
03:27Strategy Resources and Constraints
02:45Lesson Eleven: Strategy Resources
00:32Policies and Standards
01:00Definitions
05:48Enterprise Information Security Architectures
01:30Controls
03:00Countermeasures
00:55Technologies
01:50Personnel
01:54Organizational Structure
03:47Employee Roles and Responsibilities
00:28Skills
01:16Audits
01:41Compliance Enforcement
02:24Threat Assessment
01:41Vulnerability Assessment
02:21Risk Assessment
02:19Insurance
02:04Business Impact Assessment
02:32Outsourced Security Providers
02:57Lesson twelve: Strategy Constraints
00:23Legal and Regulatory Requirements
01:43Physical Constraints
02:56The Security Strategy
01:36Lesson Thirteen: Action Plan to Implement Strategy
01:13Gap Analysis Part One
01:35Gap Analysis Part two
00:52Gap Analysis Part Three
03:01Policy Development Part One
01:41Policy Development Part Two
01:00Standards Development
02:44Training and Awareness
00:35Action Plan Metrics
01:23General Metric Considerations Part One
00:23General Metric Considerations Part Two
00:35General Metric Considerations Part Three
00:43General Metric Considerations Part Four
00:23CMMFour Statements
02:00Objectives for CMMFour
00:47Section Review
00:44
Knowledge Check
Knowledge Check One
Domain 02: Information Risk Management and Compliance
02:22:21PreviewLesson One: Risk Management Overview
00:59Risk Management Overview
01:51Types of Risk Analysis
07:08The Importance of Risk Management
02:14Risk Management Outcomes
01:35Risk Management Strategy
01:49Lesson Two: Good Information Security Risk Management
04:14Context and Purpose
03:08Scope and Charter
00:39Assets
02:31Other Risk Management Goals
02:02Roles and Responsibilities
02:51Lesson Three: Information Security Risk Management Concepts
06:06Technologies
06:39Lesson Four: Implementing Risk Management
02:08The Risk Management Framework
02:00The External Environment
01:48The Internal Environment
02:06The Risk Management Context
00:47Gap Analysis
02:21Other Organizational Support
04:09Lesson Five: Risk Assessment
01:19NIST Risk Assessment Methodology
03:49Aggregated or Cascading Risk
02:54Other Risk Assessment Approaches
01:18Identification of Risks
01:49Threats
01:08Vulnerabilities Part One
02:11Vulnerabilities Part Two
04:10Risks
01:36Analysis of Relevant Risks
01:48Risk Analysis
02:29Semi -Quantitative Analysis
01:52Quantitative Analysis Example
04:14Evaluation of Risks
00:46Risk Treatment Options
04:39Impact
02:59Lesson Six: Controls Countermeasures
00:25Controls
04:43Residual Risk
03:38Information Resource Valuation
01:33Methods of Valuing Assets
01:36Information Asset Classification
03:32Determining Classification
02:05Impact Part One
03:53Impact Part Two
01:03Lesson Seven: Recovery Time Objectives
00:49Recovery Point Objectives
04:18Service Delivery Objectives
01:58Third-Party Service Providers
01:44Working with Lifecycle Processes
02:08IT System Development
02:11Project Management Part One
00:46Project Management Part Two
02:10Lesson Eight: Risk Monitoring and Communication
01:17Risk Monitoring and Communication
00:38Other Communications
01:25Section Review
01:01
Knowledge Check
Knowledge Check Two
Domain 03: Information Security Program Development and Management
04:07:00PreviewIntroduction
00:30Lesson One: Development of Information Security Program
02:50Importance of the Program
00:52Outcomes of Security Program Development
01:47Effective Information Security Program Development
04:59Lesson Two: Information Security Program Objectives
01:55Cross Organizational Responsibilities
00:10Program Objectives Part One
02:23Program Objectives Part Two
01:18Defining Objectives Part One
02:11Defining Objectives Part Two
01:08Lesson 3: Information Security Program Development Concepts Part One
04:02Information Security Program Development Concepts Part Two
05:39Technology Resources
02:44Information Security Manager
01:25Lesson Four: Scope and Charter of Information Security Program Development
00:30Assurance Function Integration
01:35Challenges in Developing Information Security Program
01:54Pitfalls
02:48Objectives of the Security Program
02:06Program Goals
02:52The Steps of the Security Program
01:46Defining the Roadmap Part One
01:38Defining the Roadmap Part Two
00:58Elements of the Roadmap Part One
01:18Elements of the Roadmap Part Two
00:34Elements of the Roadmap Part Three
01:57Elements of the Roadmap Part Four
01:17Elements of the Roadmap Part Five
00:18Gap Analysis
00:44Lesson Five: Information Security Management Framework
00:15Security Management Framework
04:55COBIT Five
05:59ISO/IEC 27001
04:30Lesson Six: Information Security Framework Components
00:13Operational Components Part One
01:56Operational Components Part Two
03:11Management Components
01:31Administrative Components
03:29Educational and Informational Components
01:25Lesson Seven: Information Security Program Resources
01:32Resources
03:27Documentation
00:54Enterprise Architecture Part One
04:29Enterprise Architecture Part Two
01:54Enterprise Architecture Part Three
01:11Controls as Strategy Implementation Resources Part One
03:42Controls as Strategy Implementation Resources Part Two
02:19Controls as Strategy Implementation Resources Part Three
04:35Controls as Strategy Implementation Resources Part Four
02:19Common Control Practices
01:41Countermeasures
00:37Technologies Part One
01:13Technologies Part Two
01:52Technologies Part Three
01:39Technologies Part Four
05:38Personnel Part One
02:00Personnel Part Two
02:56Security Awareness
01:28Awareness Topics
05:18Formal Audits
01:16Compliance Enforcement
01:03Project Risk Analysis
03:09Other Actions
02:58Other Organizational Support
01:21Program Budgeting Part One
01:03Program Budgeting Part Two
02:19Lesson Eight: Implementing an Information Security Program
00:13Policy Compliance
02:38Standards Compliance
02:44Training and Education
01:43ISACA Control Objectives
03:52Third-party Service Providers Part One
01:08Third-party Service Providers Part Two
04:22Integration into Lifecycle Processes
02:14Monitoring and Communication
03:33Documentation
01:33The Plan of Action Part One
01:17The Plan of Action Part Two
01:36Lesson Nine: Information Infrastructure and Architecture
00:53Managing Complexity Part One
04:42Managing Complexity Part Two
01:45Objectives of Information Security Architectures Part One
01:30Objectives of Information Security Architectures Part Two
01:15Physical and Environmental Controls
03:32Lesson Ten: Information Security Program
03:03Information Security Program Deployment Metrics
02:27Metrics
02:02Strategic Alignment
00:53Risk Management
01:41Value Delivery
00:35Resource Management
01:22Assurance Process Integration
00:27Performance Measurement
00:41Security Baselines
00:38Lesson Eleven: Security Program Services and Operational Activities
00:48IS Liaison Responsibilities Part One
10:17IS Liaison Responsibilities Part Two
02:28Cross-Organizational Responsibilities
01:34Security Reviews and Audits Part One
03:27Security Reviews and Audits Part Two
01:38Management of Security Technology
01:25Due Diligence Part One
04:10Due Diligence Part Two
01:36Compliance Monitoring and Enforcement Part One
02:02Compliance Monitoring and Enforcement Part Two
01:46Assessment of Risk and Impact Part One
02:16Assessment of Risk and Impact Part Two
01:28Outsourcing and Service Providers
02:33Cloud Computing Part One
01:36Cloud Computing Part Two
01:54Cloud Computing Part Three
02:23Integration with IT Processes
00:42Section Review
01:13
Knowledge Check
Knowledge Check Three
Domain 04: Information Security Incident Management
03:33:59PreviewLesson One: Incident Management Overview Part One
00:47Incident Management Overview Part Two
03:08Incident Management Overview Part Three
03:45Types of Events Part One
02:43Types of Events Part Two
03:20Goals of Incident Management Part One
04:45Goals of Incident Management Part Two
06:31Goals of Incident Management Part Three
03:26Lesson Two: Incident Response Procedures Part One
00:23Incident Response Procedures Part Two
03:40Importance of Incident Management
01:53Outcomes of Incident Management
03:50Incident Management
01:34Concepts Part One
02:07Concepts Part Two
01:35Concepts Part Three
01:34Incident Management Systems Part One
04:02Incident Management Systems Part Two
00:53Lesson Three: Incident Management Organization
02:30Responsibilities Part One
03:01Responsibilities Part Two
02:58Responsibilities Part Three
05:10Senior Management Commitment
01:02Lesson Four: Incident Management Resources
00:25Policies and Standards
00:36Incident Response Technology Concepts
00:42Personnel
03:11Roles and Responsibilities (eNotes)
03:10Skills
08:09Awareness and Education
01:20Audits
02:49Lesson Five: Incident Management Objectives
00:17Defining Objectives
00:48The Desired State
02:36Strategic Alignment
06:42Other Concerns
02:32Lesson Six: Incident Management Metrics and Indicators
05:14Implementation of the Security Program Management
03:01Management Metrics and Monitoring Part One
00:21Management Metrics and Monitoring Part Two
02:48Other Security Monitoring Efforts
04:24Lesson Seven: Current State of Incident Response Capability
00:11Threats
04:39Vulnerabilities
04:09Lesson Eight: Developing an Incident Response Plan
00:44Elements of an Incident Response Plan
00:53Gap Analysis
03:05BIA Part One
03:04BIA Part Two
02:48Escalation Process for Effective IM
02:41Help Desk Processes for Identifying Security Incidents
01:27Incident Management and Response Teams
01:30Organizing, Training, and Equipping the Response Staff
01:55Incident Notification Process
00:55Challenges in making an Incident Management Plan
00:56Lesson Nine: BCP/DRP
07:49Goals of Recovery Operations Part One
02:02Goals of Recovery Operations Part Two
01:57Choosing a Site Selection Part One
05:37Choosing a Site Selection Part Two
00:45Implementing the Strategy
03:58Incident Management Response Teams
02:10Network Service High-availability
04:17Storage High-availability
04:01Risk Transference
01:27Other Response Recovery Plan Options
01:29Lesson Ten: Testing Response and Recovery Plans
00:18Periodic Testing
01:17Analyzing Test Results Part One
02:06Analyzing Test Results Part Two
03:39Measuring the Test Results
00:57Lesson Eleven: Executing the Plan
01:56Updating the Plan
01:15Intrusion Detection Policies
01:38Who to Notify about an Incident
01:52Recovery Operations
01:53Other Recovery Operations
01:57Forensic Investigation
02:02Hacker / Penetration Methodology
11:50Section Review
01:15Sequence Five
01:53
Knowledge Check
Knowledge Check Four
Course Advisor
Dean Pompilio
Technical Trainer, Owner- Steppingstonesolutions IncMr.Pompilio has been an IT Professional since 1989. He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM. His passion is to help IT professionals achieve their training goals and career growth.
Next
CISM Exam & Certification
How do you become a CISM certified professional?
To become CISM certified, you must meet the following requirements:
- Successful completion of the CISM examination
- Adherence to the ISACA Code of Professional Ethics
- Agree to comply with the Continuing Education Policy
- Five years of work experience in the field of information security, three of which must be as an information security manager. Work experience must be gained in three of the four CISM domains. All information must be verified independently by employers.
- Submit an application for CISM certification within five years from the date of initially passing the exam
For additional information on how to become a certified CISM professional and to understand the CISM certification requirements, please visit:
http://www.isaca.org/Certification/CISM-Certified-Information-Security-Manager/How-to-Become-Certified/Pages/default.aspx*Exam Pass Guarantee: Except for Indian Subcontinent, and Africa.
Simplilearn offers Exam Pass Guarantee to our students who complete our course training. We offer a voucher (free of charge) to the students to retake the exam in case they fail ISACA CISM final exam.T&C for claiming the retake voucher as a part of the exam pass guarantee:
- Attend at least one complete instructor-led class
- Must give final exam within 30 days from the date of course completion
- Produce exam failure notice received from ISACA
What are the prerequisites for CISM certification?
To become a CISM certified professional, you need to fulfill the following criteria:- A completed application must be submitted within 5 years from the date of initially passing the examination.
- All experience must be verified independently with employers.
- This experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination.
- Three (3) years of the five (5) years of work experience must be gained performing the role of an information security manager
- In addition, this work experience must be broad and gained in three (3) of the four (4) CISM® domains
What do I need to do to unlock my certificate?
Online Self-learning- Complete 85% of the Online Self Learning Content
- Complete one simulation test with a minimum score of 60%
Online Classroom:
- Attend 1 complete Live Class batch or Complete 85% of the Online Self Learning Content
- Complete one simulation test with a minimum score of 60%
Do you provide any practice tests as part of this course?
Yes, we provide 1 practice test as part of our course to help you prepare for the actual certification exam. You can try this Free CISM Exam Prep Practice Test to understand the type of tests that are part of the course curriculum.
CISM Training Reviews
Peter Bartow
Sr Project Manager IT PMO, MiamiI enjoyed taking the class with so many people from all over the world. The course was elaborate and easy to comprehend.
Tejaswa Rastogi
MumbaiThe course encapsulates the offensive approach, which is good, and there is much to learn.
Hussein Ali AL-Assaad
IT Manager at O&G Engineering, KuwaitSimplilearn has been a great learning experience. The trainer is extremely knowledgeable. The full team is very helpful and flexible. I recommend Simplilearn to my friends and families.
Next
Why Online Bootcamp
- Develop skills for real career growthCutting-edge curriculum designed in guidance with industry and academia to develop job-ready skills
- Learn from experts active in their field, not out-of-touch trainersLeading practitioners who bring current best practices and case studies to sessions that fit into your work schedule.
- Learn by working on real-world problemsCapstone projects involving real world data sets with virtual labs for hands-on learning
- Structured guidance ensuring learning never stops24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts
CISM Course FAQs
You offer an exam pass guarantee. How does it work?
*Free exam retake terms and conditions:
Terms and Conditions:
Simplilearn offers Exam Pass Guarantee to our students who complete our course training. Simplilearn uses top learning methodologies to equip learners with the knowledge and confidence to pass the CISM exam in the first attempt. If you do not pass the CISM exam at the first attempt, Simplilearn will provide you one free exam retake.
To ensure your success, we strongly recommend that you take the CISM exam within a week of the course completion date—or a maximum of 45 days from the completion of the online training. This way, the course materials will be fresh in your mind.Exam Attempts:
Attempt
Time Frame
Result
Free Exam Retake
First
Within 6 months (180 days) from enrollment date
Did Not Pass
Yes
Exam Pass Guarantee:
If you do not pass the exam on the first attempt, Simplilearn will provide you one free exam retake. You must submit a copy of your scorecard.Terms and Conditions for qualifying:
This money-back guarantee applies only to Simplilearn’s CISM blended learning. The guarantee is valid only for participants who have paid the entire enrollment fee.
The guarantee becomes void if:
- Participants do not take the CISM examination within 45 days of unlocking the certificate.
- Participants do not maintain 100% attendance during the training sessions.
- Participants fail to book their exam within 6 months from the date of enrollment
- Participants do not follow the instructions of the trainer and do not complete the exercises given during the training.
- Participants do not submit the required documents to Simplilearn.
-
Participants failed to request a refund within 15 days of receiving their results
Is the exam fee included in the course fee?
Yes, the CISM exam fee is included in the course fee only for the U.S and ROW customers.What is the structure of the CISM certification exam?
ISACA uses and reports scores on a common scale of 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You must achieve a score of 450 or higher to pass the CISM exam.What certification will I receive after completing the training?
After successful completion of the training, you will be awarded the course completion certificate along with the 16 CPE certificate from Simplilearn.What is the date of the next CISM exam?
CISM exam is conducted thrice in a year in the months of July, September and December. To find the exam locations & dates go to (www.isaca.org/certification/pages/exam-locations.aspx)Can I defer my exam?
If you are unable to take the exam, you can request a deferral of your registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit http://www.isaca.org/certification/pages/exam-deferral.aspx.
Related Programs
- Disclaimer
- PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.