Request Callback Contact us
Certified Information Security Manager (CISM®)
Project & Programme Management Category Banner Image
  • ISACA

Certified Information Security Manager (CISM®)

  • Length 4 days
  • Price  $4015   $3415.50 inc GST
  • Version Updated in April 2022
Course overview
View dates &
book now

Why study this course

Gain knowledge and experience to demonstrate your understanding of the relationship between an information security program and broader business goals and objectives as you prepare for the Certified Information Security Manager (CISM) certification. Excelling in the CISM certification exam is a step towards being CISM certified, a testament to your expertise in information security management.

CISM certification distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program. The uniquely management-focused CISM certification promotes international security practices and recognises the individual who manages, designs, oversees and assesses an enterprise’s information security. 

CISM certification affirms your ability to assess risks, implement effective governance, and proactively respond to incidents. With a highlight on emerging technologies such as AI and blockchain, it guarantees your skillset meets evolving security threats and industry requirements. By addressing top-of-mind concerns like data breaches and ransomware attacks, crucial for IT professionals, this certification ensures you are staying ahead of the pace of change.

This course includes a digital courseware manual and 6 months access to the CISM Questions, Answers and Explanations (QAE) database.

Please note: The exam is not included in the course fee but can be purchased separately. Please contact us for a quote.

Request Course Information

What you’ll learn

After completing this CISM course, participants should be able to:

  • Explain the relationship between executive leadership, enterprise governance and information security governance

  • Outline the components used to build an information security strategy

  • Explain how the risk assessment process influences the information security strategy

  • Articulate the process and requirements used to develop an effective information risk response strategy

  • Describe the components of an effective information security program

  • Explain the process to build and maintain an enterprise information security program

  • Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident

  • Outline methods to measure and improve response and recovery capabilities

ISACA Accredited Elite Partner Logo

ISACA at Lumify Work

ISACA provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Through its comprehensive guidance and services, ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.

Lumify Work is an Accredited Elite Partner of ISACA.

Who is the course for?

This course is designed for IT professionals with technical expertise and experience in IS/IT security and control looking to transition from team player to manager, including:

  • Senior Executives

  • IT Managers

  • Information Security Professionals

  • IT Software System and Application Developers

  • IT Auditors

Course subjects

Domain 1: Information Security Governance

  • Enterprise Governance Overview

  • Organisational Culture, Structures, Roles and Responsibilities

  • Legal, Regulatory and Contractual Requirements

  • Information Security Strategy

  • Information Governance Frameworks and Standards

  • Strategic Planning

Domain 2: Information Security Risk Management

  • Risk and Threat Landscape

  • Vulnerability and Control Deficiency Analysis

  • Risk Assessment, Evaluation and Analysis

  • Information Risk Response

  • Risk Monitoring, Reporting and Communication

Domain 3: Information Security Program Development and Management

  • IS Program Development and Resources

  • IS Standards and Frameworks

  • Defining an IS Program Road Map

  • IS Program Metrics

  • IS Program Management

  • IS Awareness and Training

  • Integrating the Security Program with IT Operations

  • Program Communications, Reporting and Performance Management

Domain 4: Information Security Incident Management

  • Incident Management and Incident Response Overview

  • Incident Management and Response Plans

  • Incident Classification/Categorisation

  • Incident Management Operations, Tools and Technologies

  • Incident Investigation, Evaluation, Containment and Communication

  • Incident Eradication, Recovery and Review

  • Business Impact and Continuity

  • Disaster Recovery Planning

  • Training, Testing and Evaluation

Prerequisites

It is recommended that you have 3-5 years of information security experience.

To earn the CISM certification, students must pass the CISM Exam and also meet the additional criteria as determined by ISACA.

Industry Association Recognition

This course is eligible for Continuing Professional Education (CPE) hours/points to assist in maintaining your ISACA certification.

  • Contact hours: 28 hours

  • Continuing Professional Education: 28 CPEs

If you wish to claim CPEs, Lumify Work can verify your attendance. Please complete this ISACA form and email us at [email protected].

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Select and book a course

June
July
August
October
November
January
February
March

Can't find a date you like?

Contact sales
Hardy Vargas
Assistant Directors for the IT Security team, Australian Bureau of Statistics (ABS)
Given the global shortage of digital workers, especially in Cyber Security, we spend time and effort in ensuring our staff get the training they need to do their jobs, keeping their knowledge and skills up to date and progressing their careers. Three members of my team have also undertaken the CISSP course and all three of them got themselves certified as well. The course has given me an appreciation for how people in the private sector and other
  • CISSP
  • ISC2
  • Cyber Security