Certified Information Security Manager (CISM)
Defscope will provide training based on ISACA’s Certified Information Security Manager® (CISM) certification program.
ISACA is a professional membership organization committed to the advancement of digital trust by empowering IS/IT professionals to grow their skills and knowledge in audit, cybersecurity, emerging tech and more.
ISACA’s Certified Information Security Manager® certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid to advanced-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need.
What do we teach?
Module 1: Information security governance
· Organizational Culture
· Legal, Regulatory and Contractual Requirements
· Information Security Strategy Development
· Organizational Structures, Roles and Responsibilities
· Information Governance Frameworks and Standards
· Strategic Planning (e.g., Budgets, Resources, Business Case)
Module 2: Risk Management
· Emerging Risk and Threat Landscape
· Vulnerability and Control Deficiency Analysis
· Risk Assessment and Analysis
· Risk Treatment / Risk Response Options
· Risk and Control Ownership
· Risk Monitoring and Reporting
Module 3: Information security program development and management
· Information Security Program Resources (e.g., People, Tools, Technologies)
· Information Asset Identification and Classification
· Industry Standards and Frameworks for Information Security
· Information Security Policies, Procedures and Guidelines
· Information Security Program Metrics
· Information Security Control Design and Selection
· Information Security Control Implementation and Integrations
· Information Security Control Testing and Evaluation
· Information Security Awareness and Training
· Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties)
· Information Security Program Communications and Reporting
Module 4: Information security incident management
· Incident Response Plan
· Business Impact Analysis (BIA)
· Business Continuity Plan (BCP)
· Disaster Recovery Plan (DRP)
· Incident Classification/Categorization
· Incident Management Training, Testing and Evaluation
· Incident Management Tools and Techniques
· Incident Investigation and Evaluation
· Incident Response Communications (e.g., Reporting, Notification, Escalation)
· Incident Eradication and Recovery
· Post-Incident Review Practices
Trainer
Vusal Salmanli
Principal Cyber Security Consultant
Background: Former Systems & Network Engineer turned global cybersecurity instructor, consultant and business owner with around 15 years of professional experience in ICT
Day to Day: Principal CyberSecurity Consultant @ CDW USA, Business owner @ Defscope, Co-Founder and Community Leader @ INSECO
Degree & Certifications: MSc, MCP, CCNA, OCE, CCSA, CISA, CISM, CEH, CDPSE
Membership:
• ISACA Gold Level Member (www.isaca.org)
• Member of CompTIA Instructor Network (www.comptia.org)
• Member of AKTA Azerbaijan (www.akta.az)