Information Security Training Courses Icon

CISM Exam Boot Camp


3 Days Classroom Session   |  
4 Days Live Online
Classroom Registration
Individual:
$1895.00
Group Rate:
$1695.00
(per registrant, 2 or more)
GSA Individual:
$1383.35
Live Online Registration
Live Online:
$1895.00
Private Onsite Package

This course can be tailored to your needs for private, onsite delivery at your location.

Request a Private Onsite Price Quote

Professional Credits

IIBA (CDU)

ASPE is an IIBA Endorsed Education Provider of business analysis training. Select Project Delivery courses offer IIBA continuing development units (CDU) in accordance with IIBA standards.

NASBA (CPE)

NASBA continuing professional education credits (CPE) assist Certified Public Accountants in reaching their continuing education requirements.

This course offers 21.00 NASBA CPEs.

PMI (PDU)

Select courses offer Leadership (PDU-L), Strategic (PDU-S) and Technical PMI professional development units that vary according to certification. Technical PDUs are available in the following types: ACP, PBA, PfMP, PMP/PgMP, RMP, and SP.

This course offers:
    19.00 PMP/PgMP Technical PDUs
    2.00 PMI Leadership PDUs

21
NASBA CPEs
21
PMI PDUs
Certification
Overview

Designed  to be the most clear cut path to obtaining the prestigious CISM certification; this three-day Tactical Security CISM Exam Preparation course offers a comprehensive review of the ISACA CISM topic areas without a lot of "off topic" discussions.

Not just CISM test prep – We build real-world security management skills.

The course specifically covers the task statements and knowledge statements contained within the four major content areas of CISM including:

  • Information Security Governance (24%)
  • Information Risk Management and Compliance (33%)
  • Information Security Program Development and Management (25%)
  • Information Security Incident Management (18%)

After completion of this preparation course, you will be ready to take the internationally-acclaimed CISM certification exam. When it comes to information security, a single differentiator can be all that stands between a multimillion dollar contract or a promotion. ISACA's Certified Information Security Manager (CISM) certification is that differentiator. CISM is recognized around the world as the leading certification for enterprise security management. CISM certified individuals are part of an elite group of professionals who have demonstrated a mastery of the concepts and skills of information security, have the experience to back up the knowledge and are dedicated to continually learning and staying current within the information security field.

The CISM® exam is offered three times per year, over a window of dates. The window dates for 2017 are:

  1. May 1 – June 30
  2. August 1 – September 30
  3. November 1 – December 31

To find a testing location near you, please visit www.isaca.org/examlocations.

Master the CISM exam content areas
Get CISM test taking skills from our experts
Learn to align security to your business processes
In-depth coverage: Information Security Governance
In-depth coverage: Information Risk Management & Compliance
In-depth coverage: Information Security Program Development & Management
In-depth coverage: Information Security Incident Management
Upcoming Dates and Locations
Guaranteed To Run
Jan 8, 2018 – Jan 10, 2018    8:30am – 4:30pm Live Online Register
Jan 8, 2018 – Jan 10, 2018    8:30am – 4:30pm New York , New York

Please call ASPE for location details
at 1-877-800-5221
New York, NY 10001
United States

Register
Feb 12, 2018 – Feb 14, 2018    8:30am – 4:30pm Saint Louis , Missouri

Saint Louis University - Workforce Ctr
3545 Lindell Blvd.
2nd Floor Wool Center
Saint Louis, MO 63103
United States

Register
Feb 12, 2018 – Feb 14, 2018    9:30am – 5:30pm Live Online Register
Mar 12, 2018 – Mar 14, 2018    8:30am – 4:30pm Dallas , Texas

Microtek Dallas
5430 Lyndon B Johnson Fwy
Three Lincoln Centre, Suite 300
Dallas, TX 75240
United States

Register
Mar 12, 2018 – Mar 14, 2018    9:30am – 5:30pm Live Online Register
Apr 4, 2018 – Apr 6, 2018    8:30am – 4:30pm Live Online Register
Apr 4, 2018 – Apr 6, 2018    8:30am – 4:30pm Columbia , Maryland

Homewood Suites by Hilton
8320 Benson Drive
Columbia, MD 21045
United States

Register
May 7, 2018 – May 9, 2018    8:30am – 4:30pm Live Online Register
May 7, 2018 – May 9, 2018    8:30am – 4:30pm Atlanta , Georgia

Microtek Atlanta
1000 Abernathy Rd. NE Ste 194
Northpark Bldg 400
Atlanta, GA 30328
United States

Register
Jun 4, 2018 – Jun 6, 2018    8:30am – 4:30pm San Diego , California

San Diego Training and Conference Center
350 Tenth Avenue
Suite 950
San Diego, CA 92101
United States

Register
Jun 4, 2018 – Jun 6, 2018    11:30am – 7:30pm Live Online Register
Jul 9, 2018 – Jul 11, 2018    8:30am – 4:30pm Live Online Register
Jul 9, 2018 – Jul 11, 2018    8:30am – 4:30pm Raleigh , North Carolina

ASPE Training
114 Edinburgh South Dr
Suite 200
Cary, NC 27511
United States

Register
Aug 6, 2018 – Aug 8, 2018    8:30am – 4:30pm Live Online Register
Aug 6, 2018 – Aug 8, 2018    8:30am – 4:30pm Washington , District of Columbia

Microtek-Washington, DC
1110 Vermont Avenue NW
Suite 700
Washington, DC 20005
United States

Register
Sep 5, 2018 – Sep 7, 2018    8:30am – 4:30pm Live Online Register
Sep 5, 2018 – Sep 7, 2018    8:30am – 4:30pm Philadelphia , Pennsylvania

ExitCertified
1150 First Ave
Ste 200
King Of Prussia, PA 19406
United States

Register
Oct 1, 2018 – Oct 3, 2018    8:30am – 4:30pm Kansas City , Kansas

Centriq Training
8700 State Line Road
Suite 200
Leawood, KS 66206
United States

Register
Oct 1, 2018 – Oct 3, 2018    9:30am – 5:30pm Live Online Register
Course Outline

I. About CISM

  1. Requirements for certification
    • Experience
    • Passing the exam
    • The ISACA Code of Ethics
    • Maintaining certification

II. Information Security Governance

  1. Overview
    • Information is a valuable resource in all of its formats
    • Not just IT related
    • We need to converge information security into the business
  2. Effective information security governance
    • Business drivers
    • Business support
    • Provide assurance to management
  3. Risk objectives
    • Operational risk management
    • We must be able to meet our desired state
  4. Build an information security strategy
    • Business model for information security (BMIS)
    • Strategy
  5. Controls
    • Types of controls
    • IT controls
    • Non-IT controls
    • Countermeasures
    • Example defense in depth
  6. Provide assurance to management
    • ISO 27001
    • Security Metrics
  7. Extend security knowledge to everyone
    • Awareness
    • Training
    • Education
  8. Action plan to implement strategy
    • Projects
    • Gap analysis
    • Critical success factors

III. Information Risk Management & Compliance

  1. Overview
  2. Information classification
    • Why should information be classified
    • Developing the program
    • Ownership
    • Responsibilities
  3. Methods to evaluate impact of adverse events
    • Business impact analysis
  4. Legal and regulatory requirements
  5. Emerging threats and vulnerabilities
    • Sources of information
  6. Risk management
    • Elements of risk
    • Risk assessment
    • Prioritizing risk
    • Reporting risk
    • Monitoring Risk
    • Risk handling
    • Control baseline modeling
    • Controls
    • Gap analysis
    • Integrate risk management into business and IT processes
    • Compliance
  7. Re-assessing risk and changing security program elements
    • Risk management is a cyclic process
    • Triggers to re-assess

IV. Information Security Program Development & Management

  1. Overview
  2. Align information security program to business function
  3. Resource requirements definition
    • Internal
    • External
    • Identify, acquire and manage
  4. Emerging trends in information security
    • Cloud computing
    • Mobile computing
  5. Security control design
  6. Security architectures
    • BSIM
  7. Methods to develop
    • Standards
    • Procedures
    • Guidelines
  8. Methods to implement and communicate
    • Policies
    • Standards
    • Procedures
    • Guidelines
  9. Security awareness and training
    • Methods to establish
    • Methods to maintain
  10. Methods to integrate security requirements into organizational processes
  11. Methods to incorporate security requirements
    • Contracts
    • 3rd party management processes
  12. Security metrics
    • Design
    • Implement
    • Report
  13. Testing security controls
    • Effectiveness
    • Applicability

V. Information Security Incident Management

  1. Overview
  2. Definition
    • Distinction between IR, BCP and DRP
    • Senior management commitment
    • Policy
    • Personnel
  3. Objectives
    • Intended outcomes
    • Incident management
    • Incident handling
    • Incident response
    • Incident systems and tools
  4. What technologies must an IRT know?
    • Vulnerabilities/Weaknesses
    • Networking
    • Operating systems
    • Malicious software
    • Programming languages
  5. Defining incident management procedures
    • Plan for management
  6. Current state of incident response plan
    • Gap analysis
  7. Develop a plan
    • Plan elements
    • Notification process
    • Escalation process
    • Help desk process for identifying incidents
    • Response teams
  8. Challenges in developing a plan
  9. BCP/DRP
    • Recovery operations
    • Recovery strategies
    • Recovery sites
    • Basis for recovery site selection
    • Notification requirements
    • Supplies
    • Communication structure
    • Testing the plan
    • Recovery test metrics
    • Test results
    • Post-incident activities and investigations
Who should attend
  • Information security managers
  • Information security practitioners
  • Security auditors
  • Security consultants
  • Chief Information Security Officers (CISOs)
  • Chief Security Officers (CSOs)
  • Privacy officers
  • Security administrators
  • IT managers
Bonus Materials

This course includes a complete CISM Study Guide.

Pass ISACA's CISM exam – guaranteed

If you take the CISM® exam within four weeks of taking this course and do not pass, send us the score report and you may attend another CISM Exam Boot Camp session within one year at no additional cost. 

Download the brochure