CISM Online Training

This intermediate ISACA CISM training prepares learners to take the CISM exam, which is the one required exam to earn the CISM certification.

In any industry, there are professional organizations who design certifications to help define what skills and knowledge are necessary to be considered an expert within the profession. For the world of information security, ISACA is one such organization. The nonprofit org publishes several certifications to define what an expert in developing, managing or maintaining information security programs looks like.

The Certified Information Security Manager is central to a serious security engineer's career — earn one and you can prove your expertise in enterprise information security governance, management and incident response.

For anyone who manages their ISACA training, this ISACA training can be used for CISM exam exam prep, onboarding new security engineers, individual or team training plans, or as a ISACA reference resource.

CISM: What You Need to Know

This CISM training maps to the CISM exam information security exam objectives, and covers topics such as:

Overseeing the actions of information security risk management teams
Analyzing and interpreting infosec governing documents and regulations for your organization
Moving on from technical mastery of information security and into team management
Leading infosec incident response planning and execution

Who Should Take CISM Training?

This CISM training is considered professional-level ISACA training, which means it was designed for security engineers. This information security skills course is designed for security engineers with three to five years of experience with information security and risk management.

New or aspiring security engineers. If you're a brand new security engineer, the CISM may be a tall hurdle to clear at the start of your career. One of the minimum requirements of earning the CISM is 5 years of professional information security management work experience, so you may be best served preparing for it as you work. That said, it's not like the knowledge the cert tests for is restricted to five years of experience: you're free to take the training and even try for the exam at any time. Getting CISM training can help you advance your career whenever you're ready to.

Experienced security engineers. If you've been working as a security engineer for several years already, the CISM has probably been looming in the distance ahead of you for some time. Earning it is a huge milestone in any career and can lead to promotions and more responsibilities. It also costs $575 to attempt the test, so you want to be very sure you're completely ready. CISM training will help make sure you nail the test and don't have to pay for it more than once.

Skill:
Establishing an Information Security Strategy
- 1. Overview
  1 min
- 2. Information Security Governance
  12 mins
- 3. Information Security Strategy
  11 mins
- 4. Security Frameworks
  7 mins
- 5. Identifying and Managing Strategic Objectives
  7 mins
- 6. Business Model for Information Security (BMIS)
  6 mins
- 7. Section Review
  6 mins
- 8. Conclusion
  1 min
Skill:
Security Program Resources
- 1. Overview
  1 min
- 2. Policies, Processes, and Procedures
  8 mins
- 3. Standards, Guidelines, and Architecture
  6 mins
- 4. Controls, Metrics, and Assets
  9 mins
- 5. Risk Ledgers, Vulnerability Assessments, and Insurance oh my!
  6 mins
- 6. Critical Data, BIA’s, and BC/DR Planning
  10 mins
- 7. Incident Logs, Audits, & Culture
  5 mins
- 8. Security Training, Third Party Risk, & LCR Requirements
  6 mins
- 9. Conclusion
  1 min
Skill:
Keys to a Successful Security Program Implementation
- 1. Overview
  1 min
- 2. Creating a Business Case
  11 mins
- 3. Communications & Reporting
  7 mins
- 4. Communicating Technical Information
  6 mins
- 5. Management Commitment
  8 mins
- 6. Security Awareness Training
  7 mins
- 7. Common Causes of Failure
  10 mins
- 8. Conclusion
  1 min
Skill:
Security Roles and Metrics
- 1. Overview
  1 min
- 2. Organizational Roles
  13 mins
- 3. Data Roles
  4 mins
- 4. Metrics
  8 mins
- 5. Metrics Example 1
  13 mins
- 6. Metrics Example 2
  10 mins
- 7. Security Balanced Scorecard
  7 mins
- 8. Conclusion
  1 min
Skill:
Implementing Risk Management
- 1. Overview
  1 min
- 2. The Role of Risk Management
  7 mins
- 3. Risk Management Frameworks
  11 mins
- 4. Risk Management Strategy
  10 mins
- 5. Analyzing Risk
  11 mins
- 6. Risk Analysis Techniques
  8 mins
- 7. Treating Risk
  12 mins
- 8. Conclusion
  1 min
Skill:
Risk Management Standards
- 1. Overview
  1 min
- 2. Risk Management Activities
  11 mins
- 3. NIST SP 800-39
  11 mins
- 4. NIST SP 800-30
  9 mins
- 5. ISO/IEC 27005
  12 mins
- 6. Factor Analysis of Information Risk (FAIR)
  6 mins
- 7. Conclusion
  1 min
Skill:
Asset Inventory and Threats
- 1. Overview
  1 min
- 2. Hardware, Software, and Information Assets
  9 mins
- 3. Cloud and Virtual Assets
  14 mins
- 4. Asset, Information, and System Classification
  10 mins
- 5. Asset Valuation
  4 mins
- 6. Identifying Threats to Assets
  8 mins
- 7. Identifying Asset Vulnerabilities
  5 mins
- 8. Conclusion
  1 min
Skill:
Operational Risk Management
- 1. Overview
  1 min
- 2. Risk Management Objectives
  15 mins
- 3. Third-Party Risk Management
  19 mins
- 4. The Risk Register
  6 mins
- 5. Integrating Risk Management into Other Processes
  9 mins
- 6. Risk Monitoring and Reporting
  6 mins
- 7. Conclusion
  1 min
Skill:
Phases of Incident Response
- 1. Overview
  1 min
- 2. Incident Response Preparation
  13 mins
- 3. Incident Response Planning
  10 mins
- 4. Detection, Initiation, and Evaluation
  9 mins
- 5. Containment, Eradication, and Recovery
  7 mins
- 6. Remediation, Closure, and Post-Incident Review
  5 mins
- 7. Incident Response Resources
  7 mins
- 8. Conclusion
  1 min
Skill:
Business Continuity and Disaster Recovery Planning
- 1. Overview
  1 min
- 2. BC and DR Planning
  4 mins
- 3. BC/DR Planning Process
  12 mins
- 4. Creating a BC Plan
  8 mins
- 5. DR Planning
  15 mins
- 6. Resiliency Technologies
  8 mins
- 7. Testing BC/DR Plans
  6 mins
- 8. Conclusion
  1 min
Skill:
Information Security Program Development
- 1. Overview
  1 min
- 2. Designing an Information Security Program
  5 mins
- 3. Information Security Program Details
  7 mins
- 4. Information Security Architecture
  6 mins
- 5. Information Security Program Management
  11 mins
- 6. Security Policies
  9 mins
- 7. Conclusion
  1 min
Skill:
IS Audit Planning
- 1. Overview
  1 min
- 2. Discussing IS Audit Standards, Guidelines, and Code of Ethics
  9 mins
- 3. Evaluating the Business Process
  10 mins
- 4. Auditing Business Applications
  13 mins
- 5. Defining Types of Controls
  9 mins
- 6. Analyzing Risk Based Audit Planning
  10 mins
- 7. Identifying Types of Audits
  5 mins
- 8. Conclusion
  1 min
Skill:
IS Audit Execution
- 1. Overview
  1 min
- 2. Discussing Audit Project Management
  11 mins
- 3. Sampling Methodologies
  7 mins
- 4. Considering Audit Evidence Collection Techniques
  9 mins
- 5. Exploring Data Analytics
  11 mins
- 6. Implementing Continuous Online Auditing
  7 mins
- 7. Exploring Reporting and Communication Techniques
  7 mins
- 8. Ensuring Quality and Improvement of the Audit Process
  5 mins
- 9. IS Audit Process Domain Review
  9 mins
- 10. Conclusion
  1 min
Skill:
Data Classification and Encryption
- 1. Overview
  1 min
- 2. Exploring Data Classification
  4 mins
- 3. Covering Encryption Basics
  3 mins
- 4. Reviewing Encryption Systems
  6 mins
- 5. Diving into Digital Signatures
  8 mins
- 6. Touring Cryptographic Applications
  3 mins
- 7. Examining Public Key Infrastructure (PKI)
  5 mins
- 8. Conclusion
  1 min
Skill:
Security Program Operations
- 1. Overview
  1 min
- 2. SOCs and Event Monitoring
  11 mins
- 3. Vulnerability and Patch Management
  8 mins
- 4. Network Protection
  13 mins
- 5. Content Filtering
  12 mins
- 6. Endpoint Protection and Management
  7 mins
- 7. Conclusion
  1 min
Skill:
Security Program Management Functions
- 1. Overview
  1 min
- 2. Secure Engineering and Development
  7 mins
- 3. Identity and Access Management
  13 mins
- 4. Security Training and MSSPs
  13 mins
- 5. Data Backup and Recovery
  16 mins
- 6. Financial and Capacity Management
  5 mins
- 7. Conclusion
  1 min
Skill:
Security Controls and Control Frameworks
- 1. Overview
  1 min
- 2. Security Controls
  6 mins
- 3. Security Control Categories
  5 mins
- 4. Security Control Functions
  6 mins
- 5. Testing Security Controls
  8 mins
- 6. Control Objectives and Frameworks
  8 mins
- 7. Designing Controls
  7 mins
- 8. Security Control Review
  15 mins
- 9. Conclusion
  1 min

Loading transcripts...

The Role of Risk Management

Access all premium content with a free week!

Start a free week

Course overview

1 HOURS OF TRAINING

SKILLS

VIDEOS

VIRTUAL LABS

1 PRACTICE EXAM

Bob Salmans

Nugget trainer since 2020

Read the full bio

What is it like to train with us?

Our learners say it best.

Helps me learn the skills I need when I need them

THOMAS S. | SYSTEMS ENGINEER & CONSULTANT

Read Reviews

ISACA CISM – Certified Information Security Manager FAQs: Cost, Training, Value

What will you learn in this Certified Information Security Manager training?

You'll learn everything you need to prove that you're ready to assume the responsibilities of managing an enterprise network's cybersecurity program. This thorough course prepares you for the CISM exam from ISACA and covers managerial expertise in security governance, program development, risk management and handling incidents that do occur.

Who should take this Certified Information Security Manager course?

Anyone who wants to advance their career from an IT tech or security technician position into a managerial role or senior engineer in the cybersecurity field should consider this Certified Information Security Manager course. Take this course, earn the CISM from ISACA and prepare yourself for enterprise security management roles.

Is this Certified Information Security Manager training associated with any certifications?

Yes, this course was specifically tailored to the learning objectives of ISACA's Certified Information Security Manager certification. ISACA is one of the IT industry's most respected certifying bodies for cybersecurity professionals and the CISM is a certification earned by some of the best-trained, most capable security managers.

What certification should you consider after taking this Certified Information Security Manager course?

You don't have to attempt the Certified Information Security Manager exam after taking this course, but if you don't, you'd be missing a valuable opportunity. What you'll learn from this course is valuable for anyone in a managerial position in an enterprise network, but it's especially good for cert prep.

Why should you take this Certified Information Security Manager training?

You should take this Certified Information Security Manager training if you have any interest in earning ISACA's premier certification in information security governance, program development and incident response. You'll learn what the best enterprise cybersecurity program managers know how to do, which can advance your career into exciting positions.

Certified in Risk and Information Systems Control (CRISC)

(ISC)² CISSP – Certified Information Systems Security Professional

What is it like to train with us?

Our learners say it best.

ISACA CISM – Certified Information Security Manager FAQs: Cost, Training, Value

Let's chat!