Information Security Program Development: Resources


Overview/Description
Target Audience
Expected Duration
Lesson Objectives
Course Number


Overview/Description
As an information security manager, one of your primary responsibilities will be to manage and leverage company and external resources needed to make your projects succeed. This course examines information security infrastructures and architectures and the industry models that can be used as a basis for them. This course also examines controls and countermeasures that can be used to detect, prevent, and protect company resources. It examines the roles of individuals in an information security program, and looks at how documentation is kept at all levels while creating the information security program. This course prepares you for the Certified Information Security Manager (CISM) exam.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security

Expected Duration (hours)
2.0

Lesson Objectives

Information Security Program Development: Resources

  • recognize the definition of information security architecture
  • recognize key concepts of the SABSA Model for security architecture development
  • recognize how to use personnel-related resources during information security program development and implementation
  • recognize examples of activities that build a security culture
  • recognize the results of commonly used risk analysis methods
  • recognize the key concepts related to information security architecture
  • recognize the methods for managing human resources during the development and implementation of an information security program
  • distinguish between various risk analysis methods
  • recognize principles of effective security control
  • match types of information security controls with corresponding examples
  • match technologies with their corresponding definitions
  • recognize audit and enforcement activities given a scenario
  • recognize security controls and control principles
  • recognize the role that a given technology plays in ensuring an information security program is effective
  • recognize the role that policies, audits, and compliance enforcement play in ensuring an information security program is effective

    • Course Number:
    sp_cism_a07_it_enus