Information Security Program Management: Introduction and Framework





Overview/Description
As an information security manager, it is your job to make sure that the program for information security management that is put in place is effective, cost-efficient, and most importantly, that it meets the business needs of the organization. This course examines what information security management is, how it is used, and the common challenges that an information security manager faces while trying to establish the program. This course also examines the roles and responsibilities of the individuals in the organization regarding the program, with special attention to the role of upper management and the commitment they must have towards the plan. Finally, this course looks at the components of the information security framework and the metrics used to measure the effectiveness of the program. This course prepares you for the Certified Information Security Manager (CISM) exam.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security.

Expected Duration (hours)
2.0

Lesson Objectives

Information Security Program Management: Introduction and Framework

  • identify the types of activities that are involved in managing information security
  • identify the tasks within the information security program management job practice area
  • match security management outcomes with corresponding descriptions of how to achieve each outcome
  • identify common challenges to information security management
  • match information security management roles to their corresponding responsibilities
  • recognize examples of information security management activities
  • recognize strategies for overcoming challenges related to information security management
  • determine the responsibilities of personnel given a specific information security outcome
  • match components of the information security management framework with corresponding examples
  • recognize examples of metrics used to measure performance of an information security program
  • recognize key concepts related to information security components and performance

Course Number
sp_cism_a09_it_enus