How To Teach A Security Manager



Similar documents
Certified Information Security Manager (CISM)

Certified Business Analysis Professional (CBAP )

PMI: Introducción a la Gestión de Proyectos

Cisco CCNP: Troubleshooting Certification Training with Real Live Practice Labs. Cisco

Cisco CCNP: Switch Certification Training with Real Live Practice Labs. Cisco

(Instructor-led; 3 Days)

Cambridge IGCSE.

Por qué ExecuTrain? Por qué ExecuTrain? Modalidad de servicio

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

COBIT Helps Organizations Meet Performance and Compliance Requirements

Equity and Fixed Income

COPYRIGHTED MATERIAL. Contents. Acknowledgments Introduction

Comments on Draft OECD/IOPS Good Practices on Pension Fund s Use of Alternative Investments and Derivatives

IMPLEMENTATION OF HIGH-PERFORMANCE SECURITY MANAGEMENT PROCESSES

DIPLOMADO EN BASE DE DATOS

Somewhere Today, A Project is Failing

FORMACIÓN E-LEARNING DE MICROSOFT

itsmf USA Problem Management Community of Interest

BtoB MKT Trends. El Escenario Online. Luciana Sario. Gerente de Marketing IDC Latin America 2009 IDC W W W. I D C. C O M / G M S 1

Application for CISM Certification

LINIO COLOMBIA. Starting-Up & Leading E-Commerce. Luca Ranaldi, CEO. Pedro Freire, VP Marketing and Business Development

En esta guía se encuentran los cursos que se recomiendan los participantes en la implementación de un SGEn en dependencias del Gobierno Federal.

Cursos elearning disponibles en Microsoft IT Academy Advanced Level NIVEL CURSO O COLECCIÓN DE CURSOS IDIOMA Windows Server 2008 Advanced Clinic

Military Scholarship & Employment Program (MSEP)

CISM ITEM DEVELOPMENT GUIDE

Tutorial: Towards better managed Grids. IT Service Management best practices based on ITIL

50399AE Diseño de soluciones Business Intelligence con Microsoft SQL Server 2008

Complimentary Relationship Between ITIL and PMBOK

Security Controls What Works. Southside Virginia Community College: Security Awareness

Introduction to ITIL for Project Managers

ITIL v3 Service Manager Bridge

Implicaciones para. CISA, CISM, CGEIT, CRISC, CISSP, OSCP, Cobit FC, ITIL v3 FC

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

How To Compare Itil To Togaf

Enhancing IT Governance, Risk and Compliance Management (IT GRC)

EVALUATION FRAMEWORK FOR SERVICE CATALOG MATURITY IN INFORMATION TECHNOLOGY ORGANIZATIONS

2013 ASIS PUERTO RICO CHAPTER Inc. PRESENTS: 2013 SECURITY PROGRAM DESIGN 2-Day Program

EA vs ITSM. itsmf

Domain 1 The Process of Auditing Information Systems

Oracle 11g Administration

Benchmark of controls over IT activities Report. ABC Ltd

Manejo Basico del Servidor de Aplicaciones WebSphere Application Server 6.0

Certified Information Systems Auditor (CISA)

PCI Policy Compliance Using Information Security Policies Made Easy. PCI Policy Compliance Information Shield Page 1

Skills Development Matrix

Preparation Guide. Side entry to the EXIN Expert in IT Service Management based on ISO/IEC 20000

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

Summer Reading and Class Assignments Rising Seniors

IT Service Management ITIL, COBIT

ICAO State Safety Programme (SSP) Introduction

Terms of Reference for an IT Audit of

VMware vsphere with Operations Management: Fast Track

The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II).

IS Management, ITIL, ISO, COBIT...

ISC Spain. Enjoy a unique experience.

Entrenamiento a Embajadores Ambassador training

CLASSIFICATION SPECIFICATION FORM

Information Security Management Systems

Sales Management Main Features

PA (Process. Areas) Ex - KPAs

Understanding COBIT 5. based on ISACA Materials Prepared by: Deb Mallette, CGEIT, CISA, CSSBB, IMG BSMS EPDM, Process Consultant

CONCEPTS OF INDUSTRIAL AUTOMATION. By: Juan Carlos Mena Adolfo Ortiz Rosas Juan Camilo Acosta

Enterprise Partner Sales Kickoff 2011 Plan: Connect Engage Execute John Carr, VP CALA

NEC Managed Security Services

Sage ERP X3 Standard Edition

Cursos Generales Complementarios. Universidad del TURABO. Escuela: Ingeniería Grado: Bachillerato

Governance and Management of Information Security

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000

Adaptación de MoProSoft para la producción de software en instituciones académicas

INFORMATION SECURITY & GOVERNANCE SYSTEMS AND IT INFRASTRUCTURE INFOSEC & TECHNOLOGY TRAINING. forebrook

ITIL V3 Service Lifecycle Key Inputs and Outputs

Blend Approach of IT Service Management and PMBOK for Application Support Project

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning

Prepárate. BT Computer ABCs for Women in Transition

Entry to Year 7 - Information for Parents

Project Management and ITIL Transitions

Título del curso Créditos Pre-requisitos

Hans Bos Microsoft Nederland.

Memorial Health Care System Catholic Health Initiatives Financial Assistance Application Form

ENVIRONMENT: Collaborative Learning Environment

CRISC Glossary. Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data

LOS ANGELES UNIFIED SCHOOL DISTRICT REFERENCE GUIDE

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

Strategic IT audit. Develop an IT Strategic IT Assurance Plan

AULA EUROPEA DE EMPRESA

HKITPC Competency Definition

HPN Product Tools. Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

How To Understand The Language Of Chile

16) INFORMATION SECURITY INCIDENT MANAGEMENT

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Transcription:

ISACA: Certified Information Security Manager Certification Training

Certified Information Security Manager (CISM) DESCRIPCIÓN: El programa de certificación CISM (Certified Information Security Manager) se ha desarrollado específicamente para los administradores de seguridad de la información con experiencia y aquellos que tienen responsabilidades de gestión de seguridad de la información. CISM es reconocida mundialmente como la principal certificación para gerentes de seguridad de la información. Nuestro curso CISM proporciona al estudiante los conocimientos y competencias para prepararse para el examen de certificación CISM 2011 reconocida a nivel mundial. La certificación CISM combina el logro de pasar un examen completo con el reconocimiento del trabajo, la gestión y la experiencia educativa, que le proporciona una mayor credibilidad en el mercado. Este curso sumergirá a los estudiantes en el tema, con una cobertura en profundidad de la información que abarca los cinco ámbitos que conforman el "Body of Knowledge" para el examen CISM 2011 y proporcionará al estudiante las herramientas técnicas para manejar, diseño, supervisar y evaluar la seguridad de la información de una empresa. CARACTERÍSTICAS DEL CURSO: Instructor altamente capacitado conduce presentaciones en vídeo. Puede revisar cada lección según sea necesario para reforzar sus conocimientos. Preguntas de Repaso. Soporte en línea en nuestra comunidad Mentoring. PRERREQUISITOS Este curso no tiene prerrequisitos establecidos. Se recomienda experiencia laboral en servicios de TI. Nuestro curso es en Idioma inglés y modalidad en línea a través del portal educativo de BPUniversity.

Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security Governance Overview Importance of Information Security Governance Outcomes of Information Security Governance Lesson 2: Effective Information Security Governance Business Goals and Objectives Roles and Responsibilities of Senior Management Governance, Risk Management and Compliance Business Model for Information Security Dynamic Interconnections Lesson 3: Information Security Concepts and Technologies Information Security Concepts and Technologies Technologies Lesson 4: Information Security Manager Responsibilities Senior Management Commitment Obtaining Senior Management Commitment Establishing Reporting and Communication Channels Lesson 5: Scope and Charter of Information Security Governance Assurance Process Integration and Convergence Convergence Governance and Third-Party Relationships Lesson 6: Information Security Governance Metrics Metrics Effective Security Metrics Security Implementation Metrics Strategic Alignment Risk Management Value Delivery Resource Management Performance Measurement Assurance Process Integration/Convergence Lesson 7: Information Security Strategy Overview Another View of Strategy Lesson 8: Creating Information Security Strategy Information Security Strategy Common Pitfalls Objectives of the Information Security Strategy What is the Goal? Defining Objectives Business Linkages Business Case Development Business Case Objectives The Desired State COBIT COBIT Controls 3m 3hr 48m

COBIT Framework Capability Maturity Model Balanced Scorecard Architectural Approaches ISO/IEC 27001 and 27002 Risk Objectives Lesson 9: Determining Current State Of Security Current Risk BIA Lesson 10: Information Security Strategy Development Elements of a Strategy The Roadmap Strategy Resources and Constraints Lesson 11: Strategy Resources Policies and Standards Definitions Enterprise Information Security Architectures Controls Countermeasures Technologies Personnel Organizational Structure Employee Roles and Responsibilities Skills Audits Compliance Enforcement Threat Assessment Vulnerability Assessment Risk Assessment Insurance Business Impact Assessment Outsourced Security Providers Lesson 12: Strategy Constraints Legal and Regulatory Requirements Physical Constraints The Security Strategy Lesson 13: Action Plan to Implement Strategy Gap Analysis Policy Development Standards Development Training and Awareness Action Plan Metrics General Metric Considerations CMM4 Statements Objectives for CMM4 Domain 01 Review Domain 02 - Information Risk Management Lesson 1: Risk Management Overview Types of Risk Analysis The Importance of Risk Management Risk Management Outcomes Risk Management Strategy 2hr 18m

Lesson 2: Good Information Security Risk Management Context and Purpose Scope and Charter Assets Other Risk Management Goals Roles and Responsibilities Lesson 3: Information Security Risk Management Concepts Technologies Lesson 4: Implementing Risk Management The Risk Management Framework The External Environment The Internal Environment The Risk Management Context Risk Analysis Lesson 5: Risk Assessment NIST Risk Assessment Methodology Aggregated or Cascading Risk Other Risk Assessment Approaches Identification of Risks Threats Vulnerabilities Risks Analysis of Relevant Risks Risk Analysis Semi-Quantitative Analysis Quantitative Analysis Example Evaluation of Risks Risk Treatment Options Impact Lesson 6: Controls Countermeasures Controls Residual Risk Information Resource Valuation Methods of Valuing Assets Information Asset Classification Determining Classification Impact Lesson 7: Recovery Time Objectives Recovery Point Objectives Service Delivery Objectives Third-Party Service Providers Working with Lifecycle Processes IT System Development Project Management Lesson 8: Risk Monitoring and Communication Risk Monitoring and Communication Other Communications Domain 02 Review Domain 03 - Information Security Program Development Lesson 1: Development of Information Security Program Importance of the Program Outcomes of Security Program Development Effective Information Security Program Development Cross Organizational Responsibilities 2hr 50m

Lesson 2: Information Security Program Development Concepts Technology Resources Information Security Manager Lesson 3: Scope and Charter of Information Security Program Development Assurance Function Integration Challenges in Developing Information Security Program Pitfalls Objectives of the Security Program Program Goals The Steps of the Security Program Defining the Roadmap Elements of the Roadmap Gap Analysis Lesson 4: Information Security Program Resources Resources Documentation Enterprise Architecture Controls as Strategy Implementation Resources Common Control Practices Countermeasures Technologies Personnel Security Awareness Awareness Topics Formal Audits Compliance Enforcement Project Risk Analysis Other Actions Other Organizational Support Program Budgeting Lesson 5: Implementing an Information Security Program Policy Compliance Standards Compliance Training and Education ISACA Control Objectives Third-party Service Providers Integration into Lifecycle Processes Monitoring and Communication Documentation The Plan of Action Lesson 6: Information Infrastructure and Architecture Managing Complexity Objectives of Information Security Architectures Physical and Environmental Controls Lesson 7: Information Security Program Information Security Program Deployment Metrics Metrics Strategic Alignment Risk Management Value Delivery Resource Management Assurance Process Integration Performance Measurement Security Baselines

Domain 04 - Information Security Program Management Lesson 1: Information Security Management Overview Importance of Security Management Outcomes of Effective Security Management Risk Management Value Delivery Business Process Assurance Lesson 2: Organizational Roles and Responsibilities Information Security Manager Responsibilities Risk Management Responsibilities Technology Competencies Management and Administrative Responsibilities Board of Directors Executive Management Security Steering Committee Information Technology Unit Business Unit Manager Other Business Units Lesson 3: The Framework for Information Security Management Technical Components Operational Components of Security Management Components of Security The Administration Components of Security Other Components Lesson 4: Measuring Performance Measuring Risk and Loss Metrics for Organizational Objectives Determining Compliance Measuring Productivity Other Metrics Lesson 5: Challenges Facing Information Security What Is the State of Security Management The State of Information Security Management Lesson 6: Resources Control Best Practices Control Countermeasures Other Control Countermeasures Lesson 7: Other Management Considerations Implementation of the Security Program Management Management Metrics and Monitoring Other Security Monitoring Efforts The Lifecycle Process Other Aspects of Monitoring What Should Be Done About Noncompliance Issues Domain 05 - Incident Management and Response Lesson 1: Responding to the Incident Overview Responding to the Incident Overview Response and Management Incident Response Planning Importance of Incident Response Outcomes of the IRP 2hr 22m 2hr 57m

Lesson 2: Incident Management Concepts Software Engineering Institute Definitions Technologies of Incident Response Incident Management Charter Lesson 3: The Incident Response Manager The Objectives of Incident Management Monitoring and Measuring Incident Management Alignment Integration Other Incident Management Considerations Lesson 4: What Are Good Incident Management Procedures The Difficulties of Creating an Incident Management Plan Lesson 5: Resources for Incident Management Human Resources Incident Response Team Organization IRT Roles and Responsibilities IRT Roles IRT Skills BIA IRT Capability Combining the BIA with the IRT Creating the Incident Response Plan Response and Recovery Plans Goals of Recovery Operations Choosing a Site Selection Implementing the Strategy Incident Management Response Teams Network Service High-availability Storage High-availability Risk Transference Other Response Recovery Plan Options Lesson 6: Testing Response and Recovery Plans Periodic Testing Analyzing Test Results Measuring the Test Results Lesson 7: Executing the Plan Updating the Plan Intrusion Detection Policies Who to Notify about an Incident Recovery Operations Other Recovery Operations Forensic Investigation Hacker / Penetration Methodology Demo - Vulnerability Scan Domain 05 Review Course Closure Total Duration: 14hrs 19m ITIL is a registered trade mark of AXELOS Limited. The Swirl logo is a trade mark of AXELOS Limited. IT Infrastructure Library is a Registered Trade Mark of AXELOS Limited ISO, IEC, Microsoft, MOF, COBIT, ISACA, CISA, CISM, CRISC, Risk IT, SEI, CMMI, PMI, PMP, PMBOK, Glomark-Governan, EVC, Genius, BMC, Remedy, HP, Service Manager, BAC are trademarks or registered trademarks of their respective holders. All other bodies of knowledge, certifications, organizations, companies, products, services, brands, and logos may be trademarks or registered trademarks of their respective holders.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information