Learning Options
- Online Video-Based Learning
  - Flexible Schedule
  - Expert Trainers with Industry Experience
  - High Pass Rates
  - 24/7 Personalised Support
  - Interactive Learning Materials
- Live Online Classes
  - Expert Trainers with Industry Experience
  - Live Assessment and Feedback
  - Interactive Learning Materials
  - Networking Opportunities
  - High Pass Rates
Overview
The CISM Certified Information Security Manager course is tailored for professionals seeking to enhance their knowledge and skills in information security management. With cybersecurity being a critical priority for organisations worldwide, this course equips learners with the tools and strategies needed to manage, govern, and protect their organisation's information assets. Effective information security management is vital in safeguarding sensitive data, ensuring compliance, and mitigating risks in an ever-evolving digital landscape.
This comprehensive course covers the four key domains of information security management: Information Risk Management, Information Security Governance, Information Security Program Development, and Incident Management. Delegates will gain a deep understanding of security policies, risk assessment techniques, and the strategic frameworks needed to secure IT infrastructures and data across the organisation.
The 4-Day CISM course by MPES offers an immersive and practical learning experience, incorporating real-world case studies, scenario-based exercises, and practical insights from industry experts. It is ideal for individuals aiming to advance their careers in information security management and take on leadership roles within their organisation's security framework.
Course Objectives
- Understand security governance and stakeholder roles in compliance
- Master risk management processes for identifying and mitigating risks
- Gain expertise in designing and managing security programs
- Learn strategies for handling security incidents and breaches
- Understand the importance of robust security policies and frameworks
- Improve decision-making and leadership in aligning security with business goals
- Enhance communication skills for technical and non-technical stakeholders
- Build proficiency in using industry-standard security frameworks and tools
Upon successful completion of the CISM Certified Information Security Manager course, delegates will be well-equipped to take on strategic information security management roles. They will possess the confidence and skills necessary to protect sensitive data, influence organisational security policies, and lead teams in creating resilient security infrastructures that mitigate risks and support business continuity.
Average completion time
- 4 Months with unlimited support
- 100% online
- Start anytime
- Study At Your Own Pace
Course Details
Entry Requirements
Professional Background: While prior experience in information security is not mandatory, a basic understanding of IT infrastructure, network security, and risk management will contribute to a more enriching learning experience.
Language Proficiency: Learners must have a strong command of English, as all course content, discussions, and assessments are delivered in English.
Interest in Information Security: This course is ideal for professionals seeking to advance their career in information security management, with a focus on building leadership capabilities in securing business-critical information.
Learning Outcomes
Understand Information Security Governance: Gain knowledge of the frameworks and practices that are essential for overseeing an organisation’s information security strategy and ensuring compliance with laws and regulations.
Master Risk Management Practices: Learn how to assess, identify, and mitigate security risks across business operations, ensuring a proactive and effective security posture.
Develop Incident Response and Recovery Plans: Understand how to prepare for and respond to security incidents, ensuring rapid recovery and maintaining business continuity in the event of a breach or disruption.
Implement Security Program Management: Learn the processes and methodologies for developing, managing, and enhancing information security programs that align with organisational goals and regulatory requirements.
Target Audience
The CISM Certified Information Security Manager course is ideal for professionals seeking to enhance their information security management skills. This course is tailored for individuals in the following roles:
- Information Security Managers
- IT Managers
- Risk Managers
- Compliance Officers
- Security Consultants
- Security Analysts
- Network Engineers
- IT Directors
- Corporate Trainers
Course content
About Information Security Governance
Reason for Security Governance
Security Governance Activities and Results
Risk Appetite
Organisation Culture
Introduction
Requirements for Content and Retention of Business Records
Roles and Responsibilities
Monitoring Responsibilities
Introduction
Business Goals and Objectives
Information Security Strategy Objectives
Ensuring Objective and Business Integration
Avoiding Common Pitfalls and Bias
Desired State
Elements of a Strategy
Security Balanced Scorecard
Architectural Approaches
Enterprise Risk Management Framework
Information Security Management Frameworks and Models
Workforce Composition and Skills
Assurance Provisions
Risk Assessment and Management
Action Plan to Implement Strategy
Information Security Programme Objectives
Risk Identification
Threats
Defining a Risk Management Framework
Emerging Threats
Risk, Likelihood and Impact
Risk Register
Introduction
Security Control Baselines
Events Affecting Security Baselines
Introduction
Determining the Risk Management Context
Operational Risk Management
Risk Management Integration with IT Life Cycle Management Processes
Risk Scenarios
Risk Assessment Process
Risk Assessment and Analysis Methodologies
Other Risk Assessment Approaches
Risk Analysis
Risk Evaluation
Risk Ranking
Risk Treatment/Risk Response Options
Determining Risk Capacity and Acceptable Risk (Risk Appetite)
Risk Response Options
Risk Acceptance Framework
Inherent and Residual Risk
Impact
Controls
Legal and Regulatory Requirements
Costs and Benefits
Risk Ownership and Accountability
Risk Owner
Control Owner
Risk Monitoring
Key Risk Indicators
Reporting Changes in Risk
Risk Communication, Awareness and Consulting
Documentation
Introduction
Information Security Programme Objectives
Information Security Programme Concepts
Common Information Security Programme Challenges
Common Information Security Programme Constraints
Information Asset Identification and Valuation
Information Asset Valuation Strategies
Information Asset Classification
Methods to Determine Criticality of Assets and Impact of Adverse Events
Enterprise Information Security Architectures
Information Security Management Frameworks
Information Security Frameworks Components
Policies
Standards
Procedures
Guidelines
Introduction
Effective Security Metrics
Security Programme Metrics and Monitoring
Metrics Tailored to Enterprise Needs
Introduction
Managing Risk Through Controls
Controls and Countermeasures
Control Categories
Control Design Considerations
Control Methods
Risk Management
Risk Management Programme
Risk Treatment
Audit and Reviews
Third-Party Risk Management
Event Monitoring
Vulnerability Management
Security Engineering and Development
Network Protection
Endpoint Protection and Management
Identity and Access Management
Security Incident Management
Security Awareness Training
Managed Security Service Providers
Data Security
Cryptography
Symmetric Key Algorithms
Service Desk
Incident Management
Problem Management
Change Management
Configuration Management
Release Management
Service Levels Management
Financial Management
Capacity Management
Service Continuity Management
Availability Management
Asset Management
Internal Control Objectives
Information Systems Control Objectives
General Computing Controls
Control Frameworks
Controls Development
Control Assessment
Types of Metrics
Audiences
Continuous Improvement
Phases of Incident Response
Objectives
Maturity
Resources
Roles and Responsibilities
Gap Analysis
Plan Development
Detection
Initiation
Evaluation
Recovery
Remediation
Closure
Post-Incident Review
Business Continuity Planning
Disaster
Disaster Recovery Planning
Testing BC and DR Planning
Domain 1: Information Security Governance
Module 1: Introduction to Information Security Governance
Module 2: Legal, Regulatory and Contractual Requirements
Module 3: Organisational Structures, Roles and Responsibilities
Module 4: Information Security Strategy Development
Module 5: Information Governance Frameworks and Standards
Module 6: Strategic Planning
Domain 2: Information Security Risk Management
Module 7: Emerging Risk and Threat Landscape
Module 8: Vulnerability and Control Deficiency Analysis
Module 9: Risk Assessment and Analysis
Module 10: Risk Treatment or Risk Response Options
Module 11: Risk and Control Ownership
Module 12: Risk Monitoring and Reporting
Domain 3: Information Security Programme Development and Management
Module 13: Information Security Programme Resources
Module 14: Information Asset Identification and Classification
Module 15: Industry Standards and Frameworks for Information Security
Module 16: Information Security Policies, Procedures, and Guidelines
Module 17: Information Security Programme Metrics
Module 18: Information Security Control Design and Selection
Module 19: Security Programme Management
Module 20: Security Programme Operations
Module 21: IT Service Management
Module 22: Controls
Module 23: Metrics and Monitoring
Domain 4: Information Security Incident Management
Module 24: Security Incident Response Overview
Module 25: Incident Response Plan Development
Module 26: Responding to Security Incidents
Module 27: Business Continuity and Disaster Recovery Planning
MPES Support That Helps You Succeed
At MPES, we offer comprehensive support to help you succeed in your studies. With expert guidance and valuable resources, we help you stay on track throughout your course.
- MPES Learning offers dedicated support to help you succeed in Accounting and Finance courses.
- Get expert guidance from tutors available online to assist with your studies.
- Check your eligibility for exemptions with the relevant professional body before starting.
- Our supportive team is here to offer study advice and support throughout your course.
- Access a range of materials to help enhance your learning experience. These resources include practice exercises and additional reading to support your progress.
Career Growth Stories
MPES Learning offers globally recognised courses in accounting,
Arvy Pasanting
As a qualified accountant, studying with MPES has been a very rewarding experience. Its team of passionate and dedicated mentors gave me the confidence and knowledge I needed to not just excel in my current role as an auditor, but also inspired me to expand my horizons. I am very grateful for the support I was given, where the skills I gained extended beyond just passing exams and learning about accounting principles - it allowed me to take on roles that benefit the wider community.
David Ford
I was recommended MPES after searching for a way to pursue a career in the accounting profession. I have studied with them throughout my journey, utilising both their “in class” and online learning opportunities that fit around the needs of my employer. I have found them to be consummate professionals delivering first class accounting courses with support always available.
Aaron Allcote
As a finance officer, MPES has been a huge help in understanding the process of recording and processing transactions from all different perspectives. The courses are very easy to follow, and the training they provide can be applied to real-life scenarios. The courses have been a huge help for me, and I would highly recommend them.
Bob Beaumont
I completed all of my ACA studies with MPES and I think you would struggle to find a better training provider anywhere in the British Isles. MPES' tutors are excellent both at delivering training and giving individualised feedback and coaching. The supporting materials and the out of class support are also great.
George Evans
The Financial Risk Management Course at MPES was invaluable in deepening my understanding of risk assessment and mitigation strategies. The hands-on learning approach allowed me to apply new concepts directly to my work. I highly recommend it for professionals in finance.
James Robinson
As a financial consultant, I am always seeking ways to enhance my expertise. The Investment Analysis Course at MPES exceeded my expectations, offering practical skills and knowledge that I can apply immediately in my consulting work. It's an outstanding choice for professionals in finance.
Laura Bennett
The Corporate Finance Course I attended at MPES was transformative. The depth of knowledge shared by the instructors and the relevance of the topics covered have directly impacted on our financial strategy. I strongly endorse this program for anyone in a leadership position in finance.
Emma Johnson
The Financial Modeling and Valuation Course at MPES was incredibly insightful. The practical applications and real-world examples helped solidify my understanding of complex concepts. I highly recommend this course to anyone looking to enhance their financial acumen.
Need help with your ACCA course?
Our course advisors are here to help guide you and ensure that you choose the right course for you and your career journey.
Have Questions? We’ve Got You
If you have any questions, we’re here to help. Find the answers you need in the MPES detailed FAQ section.
Q. What is the primary focus of the CISM Certified Information Security Manager Course?
This course focuses on equipping professionals with the essential knowledge and skills needed to manage and govern enterprise information security programs. It helps delegates understand how to design, implement, and manage information security processes to protect organisational assets and meet business objectives, ensuring compliance with relevant laws and regulations.
Q. What will I learn during the training?
Delegates will learn about the core domains of information security management, including Information Risk Management, Governance, Incident Response, and Program Development. The course also covers best practices for developing security policies, managing vulnerabilities, and leading teams to ensure robust information security across the organisation.
Q. Who is this course intended for?
This course is designed for professionals in information security management roles, such as security managers, consultants, risk management professionals, and anyone involved in the planning, implementation, or management of information security programs within an organisation.
Q. Will this training provide experience with security management tools?
Yes, the course incorporates practical exercises, case studies, and real-world scenarios that allow delegates to apply their learning and gain hands-on experience with security management tools and techniques used in the industry.
Q. How does this course benefit my career in information security management?
This training helps professionals gain a thorough understanding of information security governance and risk management, positioning them as leaders in managing information security programs. It enhances career advancement opportunities, strengthens decision-making abilities, and increases credibility within organisations, driving confidence in managing security risks at the strategic level.
Resources
Access a wide range of free resources to support your learning journey. From blogs to news and podcasts, these valuable guides are available at no cost to help you succeed.
- 15 Reasons You Should Invest in Professional Development: Explained (Maria Thompson, 03-Jan-2025)
- What is Corporate Governance: Principles, Importance, and Examples (Maria Thompson, 23-Dec-2024)
- What Is Management Accounting? Types and Key Functions Explained (Maria Thompson, 18-Dec-2024)
- Accounting Secrets to Effective Budgeting: Proven Strategies for Creating Effective Budgets (Maria Thompson, 16-Dec-2024)
- Future-ready Accountants: Top Certifications to Bridge Skills Gaps in 2025 (Maria Thompson, 04-Dec-2024)
Course Schedule
- CISM Certified Information Security Manager, £5995: 17th June 2024 to 20th June 2024 (4 days). Delivery method: Classroom
- CISM Certified Information Security Manager, £5995: 11th November 2024 to 14th November 2024 (4 days). Delivery method: Classroom
- CISM Certified Information Security Manager, £2295: Mon 15th Jan 2024 to Thu 18th Jan 2024 (Duration - 4 Days). Delivery method: Virtual
- CISM Certified Information Security Manager, £2295: Sat 3rd Feb 2024 to Tue 6th Feb 2024 (Duration - 4 Days). Delivery method: Virtual
- CISM Certified Information Security Manager, £3495: Mon 12th Feb 2024 to Thu 15th Feb 2024 (Duration - 4 Days). Delivery method: Virtual
- CISM Certified Information Security Manager, £2295: Mon 11th Mar 2024 to Thu 14th Mar 2024 (Duration - 4 Days). Delivery method: Virtual