Certified Information Security Manager (CISM)

Course Outline:

Information Security Governance

Establish and maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives, information risk is managed appropriately, and program resources are managed responsibly.


Information Risk Management

Manage information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives.


Information Security Program Development and Management

Develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture.


Information Security Incident Management

Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.



5 days or 35 training hours



Candidate must have a minimum of five years of information security experience, of which three or more years must be information security management work.


Target Audience:

Senior executives, IT managers, information security professionals, IT software system and application developers and IT auditors.



Upon completion of this course, students will have acquired the skills required to address the most difficult problems, which include:

  • Information security strategy development.
  • Selecting appropriate risk governance frameworks.
  • Choosing the right organizational structure and roles to establish an incident management process.


Official Exam

Official exam and courseware are included.