Course Introduction

CISM Exam Prep

Domain 1: Information Security Governance 17%*

• Enterprise Governance Overview
• Organizational Culture, Structures, Roles and Responsibilities
• Legal, Regulatory and Contractual Requirements
• Information Security Strategy
• Information Governance Frameworks and Standards
• Strategic Planning
• Practice Questions & Review

Domain 2: Information Security Risk Management 20%

• Risk and Threat Landscape
• Vulnerability and Control Deficiency Analysis
• Risk Assessment, Evaluation and Analysis
• Information Risk Response
• Risk Monitoring, Reporting and Communication
• Practice Questions & Review

Domain 3: Information Security Program 33%

• IS Program Development and Resources
• IS Standards and Frameworks
• Defining an IS Program Road Map
• IS Program Metrics
• IS Program Management
• IS Awareness and Training
• Integrating the Security Program with IT Operations
• Program Communications, Reporting and Performance Management
• Practice Questions & Review

Domain 4: Incident Management 30%

• Incident Management and Incident Response Overview
• Incident Management and Response Plans
• Incident Classification/Categorization
• Incident Management Operations, Tools and Technologies
• Incident Investigation, Evaluation, Containment and Communication
• Incident Eradication, Recovery and Review
• Business Impact and Continuity
• Disaster Recovery Planning
• Training, Testing and Evaluation
• Practice Questions & Review

Practice Questions & Review

CISM Exam Prep

*) % of questions on the exam

During the training, participants perform practical exercises to facilitate understanding of the issues discussed and prepare for the exam task.

To become CISM certified, the candidate must:

1. Pass the CISM Exam
2. Apply for certification within the five-year window after passing the exam.
3. Confirm 5 years of experience in the Information Security Management field. To find out whether or not your experience qualifies, you will need to view the CISM job practice areas at: https://www.isaca.org/credentialing/cism/cism-job-practice-areas. You must have experience within 3 out of the 4 domain areas. All experience must be within the 10 years of the application.
4. Verify of Work Experience

Additional information:

The price of the training includes a set of ISACA-accredited training materials for the participant:

• eBook CISM Official Review Manual, 16th Edition)
• A 12-month subscription to the CISM Exam Question, Answer and Explanation
• Certificate of completion of CISM training.

We also recommend the purchase of:

• CISM exam voucher.

Training organization

• Type of training: Public or In-house
• Delivery method: On-site or Remote (instructor-led live online classes)
• Training language: English
• Material language: English
• Group size: Up to 14 participants
• The candidate must set up an account on MyISACA https://www.isaca.org/myisaca
• Training materials, a database of sample exam questions and an exam voucher will be made available on the candidate’s MyISACA account

Remote training organization

• Each participant should register for a remote training session between 8:30-8:50am CET
• The workday will run from 9:00am to 3:30pm CET
• There will be several breaks during the working day, including a 60-minute lunch break and 10-minute coffee breaks after each hour of training
• A set of accredited training materials is distributed electronically

On-site training organization

• The workday will run from 9:00am to 5:00pm CET
• A set of accredited training materials is distributed electronically

Accreditation granted to Asseco Data Systems S.A. (Asseco Academy) by the Information Systems Audit and Control Association (ISACA) and APMG-International Limited.

CISM® is a registered trademark of Information Systems Audit and Control Association, Inc (ISACA), registered in the United States and other countries.