IT Security 202, A Holistic Approach 3/4

This course is now conducted online and is instructor-led in small groups. We’re sorry to those who had wanted to do this this training in-person, but due to the current circumstances around Covid, we have moved delivery to ZOOM. Security is about your safety too!

Part three of four

Responsibility for information security

We will take you through the 4 key domains for the CISM (Certified Information Security Manager) program and touch on all 8 domains of CISSP to make sure you have the full understanding of role of a security professional. This is a critical starting point to becoming an IT security professional.

This is a two day course. Price £1785.

Module 1: Information Security Governance
  • Outline
  • Knowledge Statements
  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT
Module 2: Information Risk Management and Compliance
  • Information Risk Management
  • Task and Knowledge Statements
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation
Module 3: Information Security Program Development and Management
  • Task and Knowledge Statements
  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges
Module 4: Information Security Incident Management
  • Task and Knowledge Statements
  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organization
  • Ethics and the Internet IAB
  • Certified Information Security Manager
  • Certification requirements
  • CISM in the Workplace
  • The CISM Priorities
  • Understand How Questions Are Structured
  • Preparing for the Examination
  • Recommended Reading for the CISM Exam
  • Exam Favourites
View part two
View part four
Register