The Knowledge Academy
Certified Information Security Manager
The Knowledge Academy deliver this 4-day course to provide you with the required knowledge to sit the professional certification accredited by ISACA for the Certified Information Systems Auditor exam.
There are no pre-requisites to attending the Knowledge Academy Certified Information Security Manager (CISM) course or to taking the CISM exam. The course is open to any individuals who have an interest in information security management. The examination is open to all individuals who are experienced information security managers and those who have information security management responsibilities.
Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. It is important to note that many individuals choose to take the CISM exam prior to meeting the experience requirements. This practice is acceptable and encouraged although the CISM designation will not be awarded until all the work experience requirements are met.
Following the successful passing of the exam, candidates need to submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas. The work experience must be gained within the ten-year period preceding the application date for certification or within five years from the date of originally passing the exam.
The following security-related certifications and information systems management experience can be used to satisfy the indicated amount of information security work experience.
- Certified Information Systems Auditor (CISA) in good standing
- Certified Information Systems Security Professional (CISSP) in good standing
- Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)
- One full year of information systems management experience
- One full year of general security management experience
- Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
- Completion of an information security management program at an institution aligned with the Model Curriculum
The experience substitutions will not satisfy any portion of the three-year information security management work experience requirement.
Who Should Attend
IT Security Managers, Security Officers & Security Consultants who are seeking to take the CISM examination.
In the preparation for the CISM Examination, we recommend that each participant purchase the following ISACA study materials directly from the ISACA bookstore:
- CISM Review Manual
- CISM Review Questions, Answers & Explanations Manual
- CISM Practice Questions Database
Certified Information Security Manager Course Agenda (as a brief guidance)
- Test-Taking Tips and Study Techniques
  - Preparation for the CISM exam
  - Submitting Required Paperwork
  - Resources and Study Aids
  - Passing the Exam the First Time
- Information Security Governance
- Information Risk Management
  - Asset Classification and Ownership
  - Structured Information Risk Assessment Process
  - Business Impact Assessments
- Information Security Program Development
  - Information Security Strategy
  - Program Alignment of Other Assurance Functions
  - Development of Information Security Architectures
  - Security Awareness, Training, and Education
  - Communication and Maintenance of Standards, Procedures, and Other Documentation
- Information Security Program Management
  - Security Program Management Overview
  - Security Program Infrastructure
  - Security Impact on Users
- Incident Management and Response
  - Response Management Overview
  - Importance of Response Management
  - Performing a Business Impact Analysis
  - Developing Response and Recovery Plans
  - The Incident Response Process
  - Implementing Response and Recovery Plans
The CISM examination is carried out twice a year during the months of June & December.
Registration for the exam is 3 months prior to the test date. This has to be actioned directly with ISACA at www.isaca.org.
The examination consists of 200 multiple-choice questions within a 4-hour time limit. Exam scores are reported on a scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam.
How to become a Business Analyst
Business analysis is the task of understanding business change needs: assessing the business impact of those changes, capturing, analysing and documenting requirements, and supporting the communication and delivery with relevant stakeholders. The Business Analyst is someone who is a part of the business operation and works with IT to improve the quality of the services being delivered.
Businesses need to adapt continually if they are to be successful. The business analyst is the catalyst of these changes, working closely with the business to create innovative solutions to business problems.
The typical deliverables of a Business Analyst could vary between business and functional/non-functional requirements, as well as as-is and to-be processes, including a business case.
The Business Analyst records requirements in a form of management tool, whether it be a simple spreadsheet or a complex application.
Areas of business analysis:
- Strategic planning - To identify the organisation's business needs
- Business model analysis - To define the organisation's policies and market approaches
- Process design - To standardise the organisation's workflows
- Systems analysis - The interpretation of business rules and requirements for technical systems
You could find yourself in a variety of industries, including finance, banking, insurance, telecoms, utilities, software services etc.
To gain a Diploma, candidates must pass four one-hour written examinations on a number of business topics.
There is a combination of core and specialist modules and an oral examination.
There are two types of core modules in the Diploma; these can be gained in any order. You can choose from either “BCS Certificate in Business Analysis Practice” or “BCS Certificate in Requirements Engineering”.
Candidates must also choose one “knowledge-based” module and one “practitioner” module to complete their certificates. You make your choice depending on your own background and preferences, as well as what your organisation requires and the nature of your role(s).
Finally, you must sit an oral examination (this lasts for just under an hour). The candidate is required to demonstrate that they can put the competences gained in the written exams into a coherent context.
Do you think you’ve got what it takes to become a Business Analyst?