Certified Information Security Manager (CISM) | Course

Global recognition in information security management


Next guaranteed dates: 17-Feb-2021 (Live Training); 21-Apr-2021 (Live Training)

Course evaluation: 4.7 out of 5


This course is available to be delivered in a classroom and Live-Training model.
Live Training brings the dynamic environment of the classroom to your desk. Using your computer, you interact with the trainer and the other trainees as if you were with them in the classroom.

This course is designed for managers and senior professionals in information security who intend to take the Certified Information Security Manager (CISM) examination. Recognized internationally, CISM certification is issued by the Information Systems Audit and Control Association (ISACA). The curriculum covers all four of the key domains addressed in the exam: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

Training Methodology
In this CISM preparation course, participants revise the main concepts of information security management in accordance with ISACA best practices and the CISM certification domains, consolidate their knowledge through exam preparation questions and, at the end, take a simulation test to assess their level of knowledge and the amount of effort still needed to pass the CISM certification exam.

Candidates and prospective candidates for the CISM examination and those wishing to expand their knowledge in the field of Information Security Management.

To attend the course, it is recommended that:
  • Participants possess a basic knowledge about the different domains that will be addressed in the CISM exam. The course is an intensive review in preparation for the examination, not basic training;
  • Participants must understand English since the provided documentation is written in that language.

Duration (days)
3 days

Learning Objectives
At the end of the course students should be able to:
  • Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations
  • Identify and manage information security risks to achieve business objectives
  • Design, develop and manage an information security program to implement the information security governance framework
  • Oversee and direct information security activities to execute the information security program
  • Develop and manage a capability to respond to and recover from disruptive and destructive information security events

  1. Information Security Governance
    • Basic Concepts of Information Security Governance
    • Effective Information Security Governance
    • Information Security Concepts and Technologies
    • Scope and Charter of Information Security Governance
    • Information Security Governance Metrics
    • Information Security Strategy
    • Action Plan Intermediate Goals
    • Information Security Program Objectives

  2. Information Risk Management and Compliance
    • Risk Management Overview
    • Risk Management Strategy
    • Effective Information Security Risk Management
    • Information Security Risk Management Concepts
    • Implementing Risk Management
    • Risk Assessment and Analysis Methods
    • Risk Assessment
    • Information Resource Valuation
    • Recovery Time Objectives
    • Third Party Providers
    • Integration With Life Cycle Processes
    • Security Control Baselines
    • Risk Monitoring and Communication
    • Training and Awareness
    • Documentation

  3. Information Security Program Development and Management
    • Information Security Program Management Overview
    • Information Security Program Objectives
    • Information Security Program Concepts
    • Scope and Charter of an Information Security Program
    • The Information Security Management Framework
    • Information Security Framework Components
    • Defining an Information Security Program Road Map
    • Information Security Infrastructure and Architecture
    • Architecture Implementation
    • Security Program Management and Administrative Activities
    • Security Program Services and Operational Activities
    • Controls and Countermeasures
    • Security Program Metrics and Monitoring
    • Common Information Security Program Challenges

  4. Information Security Incident Management
    • Incident management overview
    • Incident response procedures
    • Incident management organization
    • Incident management resources
    • Incident management objectives
    • Incident management metrics and indicators
    • Defining incident management procedures
    • Current state of incident response capability
    • Developing an incident response plan
    • Business continuity and Disaster recovery procedures
    • Testing incident response and BC / DRP
    • Executing response and recovery plans
    • Postincident activities and investigation

  5. Exam Preparation: Simulation Exam

  • You can include the CISM certification exam in the course. The exam is held at Behaviour. After passing the exam, you must submit your application on the ISACA website (www.isaca.org).
  • The CISM certification is based on a multiple-choice exam of 150 questions with four choices each, covering the 4 domains. Length: 4 hours. The passing mark is 450 on a scale from 200 to 800.

Certified Information Security Manager (CISM)

Our specialists are consultants and auditors with several years of experience in implementation, auditing and training in best practices, methodologies and standards in the most recognized frameworks.
Some of our experts work directly on improving these frameworks, methodologies and standards through their participation in technical committees, as members or in distinct roles in the major organizations worldwide, working with and supporting the best practices communities. Our instructors are ISACA certified, holding the CISA, CISM, CGEIT, CRISC and COBIT certifications, as well as other widely recognized certifications such as CISSP, PMP and ISO 27001 LA / LI, among others.

General Information
  • Training in English language.
  • Course manual in English, containing information and exercises per domain.
  • Official ISACA - CISM manual in English.
  • Exam simulation on the last day of the course.
  • Behaviour Participation Certificate with 35 CPD (Continuing Professional Development).
  • If the CISM exam is included, you can schedule a date within 11 months after the beginning of the course. It is not possible to change the date of the exam.
  • If the CISM exam is included, registration as a member of ISACA is offered.
  • Coffee break in the morning and afternoon (applies to all training that takes place in Behaviour facilities).
  • ISACA application for certification fee is not included.

  • The CISM course is oriented towards the acquisition of knowledge of the four key domains addressed in the exam: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

  • Behaviour Pedagogical Model aims to provide a learning environment conducive to acquisition of competences, in accordance with objectives of each training program. Promoting interaction, participation and appreciation of experiences, we contribute to meaningful learning, certification and international recognition but, above all to the development of critical thinking and autonomy.

  • Behaviour is an organization accredited by DGERT (Portuguese Government Entity) and certified on ISO 9001. Behaviour has its Quality Management System (QMS) implemented in accordance with the requirements of ISO 9001, the requirements of DGERT, the requirements of the European standard NP 4512 and the standard ISO 10015.

Dates and Price

Guaranteed Dates Program
All dates of this course are guaranteed.
At Behaviour, all courses take place regardless of the number of trainees on each course. The concept of setting up classes does not exist in our educational model, which is why all public dates, presented on the website, are guaranteed. So if you're in Portugal or anywhere else in the world, you can prepare your week or your trip, as long as you ensure your registration in the course.

Volume Discounts
For companies, Behaviour offers discounts of between 10% and 40% of the value of training, starting from the registration of the 2nd participant in the same course and on the same date.
To simulate the prices for the number of participants you want to register, write to training@behaviour-group.com or contact us via chat.

Hotels and Useful Information
Find out where you can stay in Lisbon, near Behaviour. For more information, please see Booking.