CISM Certified Information Security Manager Overview

Certified Information Security Manager (CISM) Training Course Outline

Domain 1: Information Security Governance

Module 1: Introduction to Information Security Governance

  • About Information Security Governance
  • Reason for Security Governance
  • Security Governance Activities and Results
  • Risk Appetite
  • Organisation Culture

Module 2: Legal, Regulatory and Contractual Requirements

  • Introduction
  • Requirements for Content and Retention of Business Records

Module 3: Organisational Structures, Roles and Responsibilities

  • Roles and Responsibilities
  • Monitoring Responsibilities

Module 4: Information Security Strategy Development

  • Introduction
  • Business Goals and Objectives
  • Information Security Strategy Objectives
  • Ensuring Objective and Business Integration
  • Avoiding Common Pitfalls and Bias
  • Desired State
  • Elements of a Strategy

Module 5: Information Governance Frameworks and Standards

  • Security Balanced Scorecard
  • Architectural Approaches
  • Enterprise Risk Management Framework
  • Information Security Management Frameworks and Models

Module 6: Strategic Planning

  • Workforce Composition and Skills
  • Assurance Provisions
  • Risk Assessment and Management
  • Action Plan to Implement Strategy
  • Information Security Program Objectives

Domain 2: Information Security Risk Management

Module 7: Emerging Risk and Threat Landscape

  • Risk Identification
  • Threats
  • Defining a Risk Management Framework
  • Emerging Threats
  • Risk, Likelihood and Impact
  • Risk Register

Module 8: Vulnerability and Control Deficiency Analysis

  • Introduction
  • Security Control Baselines
  • Events Affecting Security Baselines

Module 9: Risk Assessment and Analysis

  • Introduction
  • Determining the Risk Management Context
  • Operational Risk Management
  • Risk Management Integration with IT Life Cycle Management Processes
  • Risk Scenarios
  • Risk Assessment Process
  • Risk Assessment and Analysis Methodologies
  • Other Risk Assessment Approaches
  • Risk Analysis
  • Risk Evaluation
  • Risk Ranking

Module 10: Risk Treatment or Risk Response Options

  • Risk Treatment/Risk Response Options
  • Determining Risk Capacity and Acceptable Risk
  • (Risk Appetite)
  • Risk Response Options
  • Risk Acceptance Framework
  • Inherent and Residual Risk
  • Impact
  • Controls
  • Legal and Regulatory Requirements
  • Costs and Benefits

Module 11: Risk and Control Ownership

  • Risk Ownership and Accountability
  • Risk Owner
  • Control Owner

Module 12: Risk Monitoring and Reporting

  • Risk Monitoring
  • Key Risk Indicators
  • Reporting Changes in Risk
  • Risk Communication, Awareness and Consulting
  • Documentation

Domain 3: Information Security Programme Development and Management

Module 13: Information Security Program Resources

  • Introduction
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Common Information Security Program Challenges
  • Common Information Security Program Constraints

Module 14: Information Asset Identification and Classification

  • Information Asset Identification and Valuation
  • Information Asset Valuation Strategies
  • Information Asset Classification
  • Methods to Determine Criticality of Assets and Impact of Adverse Events

Module 15: Industry Standards and Frameworks for Information Security

  • Enterprise Information Security Architectures
  • Information Security Management Frameworks
  • Information Security Frameworks Components

Module 16: Information Security Policies, Procedures, and Guidelines

  • Policies
  • Standards
  • Procedures
  • Guidelines

Module 17: Information Security Program Metrics

  • Introduction
  • Effective Security Metrics
  • Security Program Metrics and Monitoring
  • Metrics Tailored to Enterprise Needs

Module 18: Information Security Control Design and Selection

  • Introduction
  • Managing Risk Through Controls
  • Controls and Countermeasures
  • Control Categories
  • Control Design Considerations
  • Control Methods

Module 19: Security Programme Management

  • Risk Management
  • Risk Management Programme
  • Risk Treatment
  • Audit and Reviews
  • Third-Party Risk Management

Module 20: Security Programme Operations

  • Event Monitoring
  • Vulnerability Management
  • Security Engineering and Development
  • Network Protection
  • Endpoint Protection and Management
  • Identity and Access Management
  • Security Incident Management
  • Security Awareness Training
  • Managed Security Service Providers
  • Data Security
  • Cryptography
  • Symmetric Key Algorithms

Module 21: IT Service Management

  • Service Desk
  • Incident Management
  • Problem Management
  • Change Management
  • Configuration Management
  • Release Management
  • Service Levels Management
  • Financial Management
  • Capacity Management
  • Service Continuity Management
  • Availability Management
  • Asset Management

Module 22: Controls

  • Internal Control Objectives
  • Information Systems Control Objectives
  • General Computing Controls
  • Control Frameworks
  • Controls Development
  • Control Assessment

Module 23: Metrics and Monitoring

  • Types of Metrics
  • Audiences
  • Continuous Improvement

Domain 4: Information Security Incident Management

Module 24: Security Incident Response Overview

  • Phases of Incident Response

Module 25: Incident Response Plan Development

  • Objectives
  • Maturity
  • Resources
  • Roles and Responsibilities
  • Gap Analysis
  • Plan Development

Module 26: Responding to Security Incidents

  • Detection
  • Initiation
  • Evaluation
  • Recovery
  • Remediation
  • Closure
  • Post-Incident Review

Module 27: Business Continuity and Disaster Recovery Planning

  • Business Continuity Planning
  • Disaster
  • Disaster Recovery Planning
  • Testing BC and DR Planning

Show moredowndown

Who should attend this CISM Certified Information Security Manager Course?

The CISM Training Course is a globally recognised certification focusing on developing a professional’s expertise in managing Information Security systems and practices. This CISM Certification Course can be beneficial for professionals, including:

  • Information Security Managers
  • Internal Auditors
  • Risk Management Specialists
  • Compliance Officers
  • Security Analysts
  • IT Consultants
  • Data Protection Officers

Prerequisites of the CISM Certified Information Security Manager Course

There are no formal prerequisites for this CISM Certified Information Systems Manager Training Course. However, a basic understanding of Information Security and experience in job roles related to it can be beneficial for delegates.

CISM Certified Information Security Manager Course Overview

The Certified Information Security Manager (CISM) Training equips professionals with the skills and knowledge to safeguard valuable information assets. It is a highly relevant and crucial discipline in a technology-driven landscape. CISM, offered by ISACA, is a globally recognised certification that ensures individuals are well-versed in managing and governing an organisation's information security.

Proficiency in the CISM Training Course is vital as it empowers professionals to navigate the complex landscape of Information Security, ensuring the confidentiality, integrity, and availability of data. IT and Cybersecurity Experts, Risk Managers, Compliance Officers, and those aspiring to lead and manage information security teams should aim to master CISM.

The Knowledge Academy’s 4-day CISM Training gives delegates a comprehensive understanding of Information Security Management. Delegates will gain expertise in risk management, governance, incident response, and security development. Through real-world case studies and practical exercises, delegates will learn how to apply their knowledge effectively, making them invaluable assets to their organisations.

Course Objectives

  • To understand the core principles of Information Security governance
  • To learn to develop and manage an Information Security aligned with business objectives
  • To master risk management processes to safeguard an organisation's assets
  • To acquire skills for incident response and recovery
  • To gain the ability to establish and maintain Information Security policies and procedures
  • To develop the competence to align Information Security with regulatory and compliance requirements
  • To learn how to manage and govern Information Security teams effectively
  • To prepare for the CISM exam and enhance their career prospects

After completing this CISM Training and passing the certification exam, delegates will be recognised as Certified Information Security Managers. This globally respected certification demonstrates their expertise in Information Security management and opens up numerous career opportunities.

Show moredowndown

What’s included in this CISM Certified Information Security Manager Course?

  • World-Class Training Sessions from Experienced Instructors
  • CISM Certificate
  • Digital Delegate Pack

Show moredowndown

Why choose us

Ways to take this course

Experience live, interactive learning from home with The Knowledge Academy's Online Instructor-led CISM Certified Information Security Manager. Engage directly with expert instructors, mirroring the classroom schedule for a comprehensive learning journey. Enjoy the convenience of virtual learning without compromising on the quality of interaction.

Unlock your potential with The Knowledge Academy's CISM Certified Information Security Manager, accessible anytime, anywhere on any device. Enjoy 90 days of online course access, extendable upon request, and benefit from the support of our expert trainers. Elevate your skills at your own pace with our Online Self-paced sessions.

Experience the most sought-after learning style with The Knowledge Academy's CISM Certified Information Security Manager. Available in 490+ locations across 190+ countries, our hand-picked Classroom venues offer an invaluable human touch. Immerse yourself in a comprehensive, interactive experience with our expert-led CISM Certified Information Security Manager sessions.


Highly experienced trainers

Boost your skills with our expert trainers, boasting 10+ years of real-world experience, ensuring an engaging and informative training experience


State of the art training venues

We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible


Small class sizes

Our Classroom courses with limited class sizes foster discussions and provide a personalised, interactive learning environment


Great value for money

Achieve certification without breaking the bank. Find a lower price elsewhere? We'll match it to guarantee you the best value

Streamline large-scale training requirements with The Knowledge Academy’s In-house/Onsite CISM Certified Information Security Manager at your business premises. Experience expert-led classroom learning from the comfort of your workplace and engage professional development.


Tailored learning experience

Leverage benefits offered from a certification that fits your unique business or project needs


Maximise your training budget

Cut unnecessary costs and focus your entire budget on what really matters, the training.


Team building opportunity

Our CISM Certified Information Security Manager offers a unique chance for your team to bond and engage in discussions, enriching the learning experience beyond traditional classroom settings


Monitor employees progress

The course know-how will help you track and evaluate your employees' progression and performance with relative ease

What our customers are saying

CISM Certified Information Security Manager FAQs

CISM Certified Information Security Manager is a globally recognised certification validating expertise in designing and managing information security programs. It emphasises skills in risk management, governance, and strategic alignment.
Completing this CISM Certified Information Security Manager Course offers several benefits, including advanced knowledge and skills in information security management, career advancement opportunities, increased earning potential, global recognition, and the ability to mitigate security risks effectively within organisations.
No, you do not need any prior qualifications to attend this CISM Certified Information Security Manager Training Course.
The Knowledge Academy’s flexible learning options allow you to take this CISM Training as an Online Instructor-led, Online Self-paced, Classroom, or Onsite training.
This CISM Certified Information Security Manager Training is ideal for IT Professionals, Security Managers, Information Security Consultants, Security Architects, and individuals aspiring to advance their careers in Information Security Management.
Monitor all operations and infrastructure, maintain all security tools and technology, monitor internal and external policy compliance, monitor regulation compliance, ensure cybersecurity stays on the organisational radar, etc., are the main roles and responsibilities of the Information Security Manager.
During the CISM Certified Information Security Manager Training course, you will learn various essential topics such as disaster recovery planning, risk assessment and analysis, plan development, maturity, types of metrics, incident management tools and technologies configuration management, capacity management, business alignment, and many more.
The difficulty level of these CISM Certified Information Security Manager Courses can vary based on the individual's prior experience, knowledge of information security concepts, and familiarity with the CISM exam content.
Yes, you can register for this CISM Certified Information Security Manager Course even if you have no experience in the field. However, having some foundational knowledge of information security concepts would be beneficial for better comprehension.
This CISM Certified Information Security Manager Course comes with a 4-day training session from experienced trainers, a digital delegate pack, and a certificate upon completion of the course.
The Certified Information Security Manager (CISM) Certification focuses on information security management, emphasising governance, risk management, and compliance. Other cybersecurity certifications like CISSP, CEH, and CompTIA Security+ cover broader areas within cybersecurity, such as technical skills, ethical hacking, and general security concepts.
After completing CISM Training, apply for the CISM exam, study extensively, and pass the exam to become a certified Information Security Manager. Use your certification to advance your career in information security management roles.
Yes, we offer 24/7 support for this CISM Certified Information Security Manager Training.
The duration of this CISM Training spans across 4 days.
Yes, we provide self-paced online CISM Certified Information Security Manager Course.
Please get in touch with our customer support team to resolve any issues related to CISM Certified Information Security Manager Training Course.
The training fees for CISM Certified Information Security Manager certification in Taiwan, Province of China starts from $2895
The Knowledge Academy is the Leading global training provider for CISM Certified Information Security Manager.
Please see our CISM Training courses available in Taiwan, Province of China
Show more down

Why choose us


Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.


Many delivery methods

Flexible delivery methods are available depending on your learning style.


High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo

CISM Certified Information Security Manager in Taiwan, Province of China

backBack to course information

Security Certification

Save upto 25%
4 courses

Total without package:  $13680

Package price:  $10295 (Save $3385)

Purchase now

Information Security Bundle

Save upto 40%
3 courses

Total without package:  $10785

Package price:  $6495 (Save $4290)

Purchase now


Special Discounts




Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.



Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.