Certified Information Security Manager

Inquire now

Duration 4 days – 28 hrs

 

Overview.

 

The CISM Training Course is tailored for professionals who aim to manage, design, and oversee enterprise-level information security programs. Aligned with ISACA’s CISM curriculum, this course provides in-depth knowledge of security governance, information risk management, incident management, and the development and management of security programs. Participants will gain the skills needed to effectively align information security strategies with organizational goals and prepare thoroughly for the CISM certification exam.

 

Objectives

 

  • Develop skills to create, implement, and manage information security programs aligned with organizational objectives.
  • Learn information risk management principles and apply them to real-world situations.
  • Understand how to establish and govern an information security framework.
  • Master incident management techniques to ensure rapid response and resilience.
  • Prepare for the CISM certification exam with a focus on practical applications and best practices.

 

Audience

  • Information Security Managers
  • IT Security Consultants
  • Chief Information Security Officers (CISOs)
  • IT Directors/Managers
  • Risk Management Professionals
  • Compliance and Governance Officers
  • Professionals preparing for the CISM certification exam

 

Pre- requisites 

  • A minimum of 5 years of work experience in information security management (or equivalent work experience).
  • Familiarity with information security concepts, policies, and procedures.
  • Knowledge of risk management frameworks is beneficial.

Course Content

 

Day 1: Information Security Governance

  • Introduction to Information Security Governance: Understanding the importance of governance in information security.
  • Establishing an Information Security Governance Framework: Components and functions of a governance framework.
  • Security Policies, Standards, and Procedures: Developing and enforcing effective security policies aligned with business objectives.
  • Roles and Responsibilities: Defining roles, such as CISO, security managers, and governance committees.
  • Aligning Security with Business Strategy: Techniques to align security initiatives with organizational goals.

 

Day 2: Information Risk Management

  • Risk Management Overview: The fundamentals of identifying, assessing, and managing risk.
  • Risk Assessment and Analysis: Techniques to conduct quantitative and qualitative risk assessments.
  • Risk Response and Mitigation: Strategies for addressing risks, including risk avoidance, transfer, mitigation, and acceptance.
  • Third-Party Risk Management: Managing security risks from third-party vendors and partners.
  • Risk Monitoring and Reporting: Creating risk dashboards and reporting risk status to stakeholders.

 

Day 3: Information Security Program Development and Management

  • Information Security Program Development: Building a program that meets business needs and regulatory requirements.
      • Program Roadmap and Strategic Planning: Creating a multi-year security program roadmap.
      • Resource Management: Allocating budget, personnel, and technology for program success.
  • Security Controls and Compliance: Implementing and managing security controls across the organization.
      • Technical, Administrative, and Physical Controls: Practical implementation of various control types.
      • Compliance Requirements: Addressing standards such as ISO 27001, NIST, and GDPR.
  • Metrics and Continuous Improvement: Developing key performance indicators (KPIs) to measure program effectiveness.

 

Day 4: Information Security Incident Management

  • Incident Response Framework: Structuring an incident response team and defining response protocols.
  • Incident Response Planning: Developing and testing an incident response plan (IRP).
  • Detection and Analysis: Identifying security events and assessing potential threats.
  • Containment, Eradication, and Recovery: Steps to minimize damage, remove threats, and restore operations.
  • Post-Incident Review: Conducting lessons-learned sessions to prevent future incidents and improve response.

Inquire now

Best selling courses

Duration 3 days – 21 hrs   Overview    This Portfolio Management Training Course is designed to provide banking professionals with a comprehensive understanding of how to effectively manage investment and credit portfolios. Participants will gain insights into strategic allocation, performance measurement, risk management, and optimization of banking portfolios to align with regulatory requirements and...

Duration 2 days – 14 hrs   Overview   This comprehensive Planning and Forecasting Training Course is designed to empower professionals with the tools and techniques necessary to accurately predict future outcomes and develop strategic, operational, and financial plans. The course provides a structured approach to planning and forecasting, integrating both qualitative and quantitative methods....

Duration 3 days – 21 hours   Overview   This Beginner-to-Intermediate PostgreSQL Training Course is designed to build strong foundational skills in PostgreSQL while preparing participants to confidently work with real-world database tasks in modern environments.   Participants will learn how PostgreSQL works, how to write efficient SQL queries, how to design and manage database...

RISK MANAGEMENT

Liquidity Risk Management

Duration 5 days – 35 hrs   Overview.   This Liquidity Risk Management Training Course is tailored for banking professionals in the Philippines, focusing on the skills and knowledge necessary to manage liquidity risk effectively. Participants will learn how to assess liquidity risk, apply regulatory standards, and develop strategies to maintain adequate cash flow and...

Duration 5 days – 35 hrs   Overview    This 5-day advanced training course is designed for senior PMO leaders, program managers, PMO directors, and executives aiming to enhance their leadership capabilities and transform their PMOs into strategic business drivers. The course will explore advanced concepts in PMO strategy, digital transformation, innovation, business case development,...

TRAINOSYS CUSTOMIZED COURSE

Data Analytics from SQL to Power BI

The “Data Analytics from SQL to Power BI” training course is a comprehensive program designed to equip participants with the knowledge and skills necessary to analyze and visualize data using SQL and Power BI. Over the course of five days, participants will learn essential data analytics concepts, master SQL querying techniques for data retrieval and...

Duration 2 days – 14 hrs   Overview   This course provides a comprehensive understanding of the Anti-Money Laundering Act (AMLA) of the Philippines and techniques for identifying and handling counterfeit money. It equips participants with the knowledge to detect suspicious transactions, fulfill AML compliance obligations, and mitigate financial crime risks. Real-world case studies, regulatory...

Duration 2 days – 14 hrs   Overview   This course introduces participants to the principles and tools of data visualization and dashboard design. It focuses on transforming raw data into compelling, clear, and actionable visuals that support decision-making. Participants will explore visualization best practices, storytelling techniques, and hands-on tools (such as Excel, Power BI,...

We use cookies on our website to personalize your experience by storing your preferences and recognizing repeat visits. By clicking “Accept”, you agree to the use of all cookies. You can also select “Cookie Settings” to adjust your preferences and provide more specific consent. Cookie Policy