

Certified Information Security Manager

CISM
5 Day Intensive Course

The ISACA® Certified Information Security Manager™ is the fastest growing and arguably the most prestigious qualification available for Information Security managers today.

CISM properly recognises that security is first and foremost a management rather than a technical issue. CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice.

This 5-day training program is presented by international security expert Krag Brotby, lead author of the official ISACA CISM Review manual and recipient of the ISACA 2009 John W. Lainhart IV Common Body of Knowledge Award. The course provides an intense environment in which participants can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. In the process the course provides outstanding preparation for the CISM exam.

Refer to website for current dates: www.alctraining.co.nz

CISM and Certified Information Security Manager are the registered trademarks of ISACA, the Information Systems Audit and Control Association

Course Objectives
This course has been independently commissioned with two objectives:
1. To provide an environment in which security professionals can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. Whether or not you intend to sit for the CISM exam, this course is a powerful way to equip yourself with the knowledge of the five core competencies that define the successful information security manager.
2. To maximise your prospects at the CISM exam if you choose to sit it.

Who Should Attend
The CISM designation is for Information Security professionals who have 3-5 years of front-line experience with the security of information. This credential is geared towards Information Security managers and those who have information security management responsibilities.

Course Structure
This 5-day course is structured to follow the CISM review manual and examination flow. A full day is provided for each of the core competencies and associated task and knowledge statements, thereby ensuring a detailed and thorough coverage of all areas that will be tested. The fundamental thrust of the examination is on understanding the concepts, not on memorizing facts. As a result, the course will be presented in an interactive manner to ensure the underlying concepts are understood and examination questions can be analysed properly to achieve the correct answer.

Credits for Other Qualifications
If you have other security qualifications you may be entitled to a one, or even two, year experience waiver. Please refer to our website for details.

What You Receive
■ Comprehensive and rigorous 5-day coverage of all the material needed for the CISM exam
■ Official CISM Review Manual
■ CISM 100-Question Practice Test Manual
■ A structured program of assignments and exercises to complete after the course and before the exam
■ Exclusive access to our CISM Hotline and pre-exam online support

Background to the CISM Qualification
The CISM has evolved from a comprehensive analysis of the tasks performed by, and knowledge areas that are required of, successful information security managers around the world. Five core competencies have been identified:
■ Information Security Governance
■ Risk Management
■ Information Security Program Management
■ Information Security Management
■ Response Management
The CISM qualification has been created to measure and validate the attainment of international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and consulting services.

Who Should Earn the CISM Designation?
CISM is more than an entry-level certification. It is specifically developed for the information security professional who has acquired experience working on the front lines of information security. Individuals with three years or more of experience managing the information security function of an enterprise or performing such duties will find CISM tailored to their knowledge and skills.

Benefits of CISM Certification
■ Recognition of attainment of advanced job skills as required for an information security professional
■ Worldwide recognition as an information security manager
■ Opportunity to build upon existing certifications/credentials already earned
■ Provides tangible evidence of career growth
■ Potential for a salary increase and/or promotion

Exclusive Warranty
This course is the result of extensive research and development combined with high-level expertise. ALC backs the quality of this course unreservedly with an exclusive warranty. If for whatever reason the unthinkable should happen and you do not pass the CISM exam the first time, you are entitled to re-sit the entire course, or any part thereof, for free on any subsequent date.

Course Content

1 Information Security Governance and Strategy
1. Introduction
■ Definition
■ Objectives
■ Tasks
■ Overview
2. Topics
■ Effective Information Security Governance
■ Key Information Security Concepts and Issues
■ The IS Manager
■ Scope and Charter of Information Security Governance
■ IS Governance Metrics
■ Developing an IS Strategy – Common Pitfalls
■ IS Strategy Objectives
■ Determining Current State of Security
■ Strategy Resources
■ Strategy Constraints
■ Action Plan Immediate Goals
■ Action Plan Intermediate Goals
Practice Questions
Review of Practice Questions
Reference Materials and Glossary

2 Risk Management
1. Introduction
■ Definition
■ Objective
■ Tasks
■ Overview
2. Topics
■ Effective Information Security Risk Management
■ Integration into Life Cycle Processes
■ Implementing Risk Management
■ Risk Identification and Analysis Methods
■ Mitigation Strategies and Prioritisation
■ Reporting Changes to Management
Practice Questions
Review of Practice Questions
Reference Materials and Glossary

3 Information Security Program Management
1. Introduction
■ Definition
■ Objectives
■ Tasks
■ Overview
2. Topics
■ Planning
■ Security Baselines
■ Business Processes
■ Infrastructure
■ Malicious Code (Malware)
■ Life Cycles
■ Impact on End Users
■ Accountability
■ Security Metrics
■ Managing Internal and External Resources
Practice Questions
Review of Practice Questions
Reference Materials and Glossary

4 Information Security Management
1. Introduction
■ Definition
■ Objective
■ Tasks
■ Overview
2. Topics
■ Implementing Effective Information Security Management
■ Security Controls and Policies
■ Standards and Procedures
■ Trading Partners and Service Providers
■ Security Metrics and Monitoring
■ The Change Management Process
■ Vulnerability Assessments
■ Due Diligence
■ Resolution of Non-Compliance Issues
■ Culture, Behaviour and Security Awareness
Practice Questions
Review of Practice Questions
Reference Materials and Glossary

5 Response Management
1. Introduction
■ Definition
■ Objectives
■ Tasks
■ Overview
2. Topics
■ Performing a Business Impact Analysis
■ Developing Response and Recovery Plans
■ Incident Response Processes
■ Testing the Response and Recovery Plans
■ Executing Response and Recovery Plans
■ Documenting Events
■ Post Event Reviews
Practice Questions
Review of Practice Questions
Reference Materials and Glossary

CISM Exam
Refer to Website for Current Dates
The CISM exam is set, administered and marked by ISACA, the Information Systems Audit and Control Association® (www.isaca.org). The exam is held twice per year in June and December and consists of 200 multiple-choice questions. Comprehensive information is available in the “CISM Exam Bulletin of Information” which can be downloaded from the ISACA web site or from the CISM page on our own web site. You must register directly with ISACA by the Exam Closing Date. ISACA does not accept late registrations under any circumstances.

Presenter: Krag Brotby

Presenter Krag Brotby has more than twenty years in the computer security field with a focus on governance and architecture. He is co-author of the official ISACA CISM Review manuals and related presentation materials. Brotby has served on the ISACA security practice development committee and has been appointed to the Test Enhancement Committee which defines the practice area for the coming years. As a contributor of CISM examination questions, Krag has an intimate understanding of the type and level of security governance knowledge required to be successful at the examination.

An early contributor to SABSA methodology and developer of the Business Process Assurance model (BPA) and the Rapid Security Assessment Model (RSAM), Krag has extensive experience with security governance issues and practices. He is author of Information Security Governance: Guidance for Boards of Directors and Executive Management published by the IT Governance Institute (2006).

Brotby is a frequent presenter at numerous conferences globally and conducts training seminars for information security governance and information security management and metrics throughout Asia, Australia, the Middle East, and the US, including training for the US Department of Defence.

He has authored numerous white papers and articles on risk management, PKI, and training and is a foundation patent holder in the early days of digital rights management.

Clients have included Microsoft, Unisys, AT&T, Alyeska, Countrywide Financial, Informix, VISA, Verisign, Digital Signature Trust, Australia Post, ZANTAZ, Bank Al Bilad, JP Morgan Chase, Singapore Government, Certicom, Paycom among others.

He is currently focused on an information security metrics project for ISACA as the researcher and author in addition to completing reference books on security metrics and security governance for Auerbach and Wiley and Sons. Mr Brotby is based in California, USA.
HOW TO REGISTER
1. Register Online
www.alctraining.co.nz
2. Send your details by email
learn@alctraining.co.nz
3. Fax the Enrolment Form below to:
Fax: 09 353 1834
4. Any queries please call Customer Service
Tel: 09 359 7404 or 0800 540 161
5. Post the completed Enrolment Form to:
ALC Training NZ Limited
Level 20, ASB Bank Centre,
135 Albert Street, Auckland 1010

COURSE DETAILS
FEES: (per delegate)
CISM™ Certified Information Security Manager: A$3450 +GST
Course fee does not include exam
VENUE: The course will be held at a high quality centrally-located hotel. Full details will be on your confirmation letter and can also be found on our web site.
COURSE INFORMATION: The course is held from 9.00am to 5.00pm and registration is from 8.30am. Fees include lunch, refreshments and all course materials.
TERMS and GUARANTEE: To ensure your admission to the course, fees are payable in advance. To guarantee your satisfaction we offer a money-back or full credit policy. Details will be on your confirmation letter and our website. Cancellations with full refund will be accepted up to 10 working days before the course. After that time no refunds can be given, but substitutions may be sent at any time.

ALC Training NZ Limited is a leading provider of quality IT training for business and government in the Asia-Pacific region. ALC courses are held in Australia, Hong Kong, Malaysia, New Zealand and Singapore. ALC specialises in the three leading best-practice frameworks: ITIL for IT Service Management, PRINCE2 for Project Management and SABSA for Security Management. ALC has no affiliations with vendors of software or hardware and provides completely independent unbiased education.

ENROLMENT FORM - CISM™ Certified Information Security Manager™
NAME / POSITION / CITY
1. Mr/Mrs/Miss/Ms    Email    Mobile
2. Mr/Mrs/Miss/Ms    Email    Mobile
TRACK CODE: A B C D R
Organisation:
Address:
Postcode:
Phone: ( )
Fax: ( )
1. Cheque payable to ALC Training NZ Limited
2. Purchase Order No.:
3. Charge to: Master Card / Visa / Amex
Cardholder Name:
Card No.:
Exp Date: /
Signature: ✗
Person Making Booking: Mr/Mrs/Miss/Ms    Position    Phone    Email
Send Invoice To: Mr/Mrs/Miss/Ms    Position    Phone    Email
© ALC Training NZ Limited. IRN 103-913-004. All rights reserved.