CISM: Information Security Governance (Part 2)




Overview/Description
Many companies realize that their information security is not in the state that it should be. As an information security manager, it will be your role to guide your organization to a state where information-related risks are controlled and sound information security processes are followed by each and every employee. Moving a company from its current state to a desired state takes many steps. This course examines what an information security strategy is, frameworks and models you can use to build your strategy, who the strategy participants are, and constraints that may stand in your way. This course prepares you for the Certified Information Security Manager (CISM) exam and follows the 2015 ISACA Candidate Information Guide.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security.

Expected Duration (hours)
2.0

Lesson Objectives

CISM: Information Security Governance (Part 2)

  • match the key participants in developing an information security strategy with their corresponding responsibilities
  • recognize appropriate models for developing an information security strategy
  • label examples of pitfalls that organizations may encounter as they develop an information security strategy
  • assess the effectiveness of a given management team's efforts to develop an information security strategy
  • recognize questions that an information strategy should answer
  • recognize two types of objectives an information security strategy should have
  • identify the key elements of a business case for an information security program
  • recognize key concepts related to approaches for determining the desired state of security
  • identify the aspects of security that must be assessed when determining the current state
  • identify the components of a roadmap for achieving security objectives
  • match constraints that must be considered when developing an information security strategy to their corresponding descriptions
  • assess the efforts of a given management team to create a roadmap for its information security strategy

Course Number
sp_ciso_a02_it_enus