CISM: Information Security Program Development and Management (Part 2)


Overview/Description
An information security framework represents the entire IS management structure. This course examines governance frameworks such as COBIT 5 and industry standards like ISO/IEC 27001:2013. This course also examines the components of a security framework: operational components, management components, administrative components, and education and informational components. The course then explains how an IS program road map is defined, and the elements that make up the road map. Finally, the course describes the security architectures and how they are implemented. This course prepares you for the Certified Information Security Manager (CISM) exam and follows the 2015 ISACA Candidate Information Guide.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security.

Expected Duration (hours)
1.5

Lesson Objectives

CISM: Information Security Program Development and Management (Part 2)

  • describe the function of COBIT 5 in the information security management framework
  • identify the objectives of the information security management framework
  • describe the function of ISO/IEC 27001:2013 in the information security management framework
  • recognize the components of the information security management framework
  • create an information security program road map
  • recognize what the information security architecture involves
  • recognize the questions an information security manager should ask when building an IS architecture
  • develop an information security management framework

Course Number
sp_ciso_a07_it_enus

Expertise Level
Expert