CISM (Certified Information Security Manager)


Around the world, demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area. The uniquely management-focused CISM certification ensures holders understand business, and know how to manage and adapt technology to their enterprise and industry. Since its inception in 2002, thousands of professionals worldwide have earned the industry-leading CISM to affirm both their high level of technical competence and qualifications for top caliber leadership and management roles.

SKU: 990989702-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1-1


  • In addition to technical competence, CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives.
  • Earning a CISM is considered a great way to pave the path from security technologist to security manager, and helps you rise to the top of hiring managers' resume/CV stacks. CISM holders are consistently recognized among the most-qualified professionals in the information security and risk management fields.
  • CISM promotes international security practices and CISM-certified employees provide enterprises with an information security management certification recognized by organizations and clients around the globe. So having a CISM certification adds directly to the value you offer the enterprise you serve.
  • The credibility CISM offers is strengthened by its real-world experience requirement. Unlike some security certifications, CISM verifies that holders have a minimum of five years of information security work experience, in addition to having passed an exam.

Target Audience

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities, including:

  • Information Security Managers
  • Aspiring Information Security Managers
  • IS/IT Consultants
  • Chief Information Officers


The curriculum of the CISM® Review Program is in line with the CISM® examination guidelines. It covers:

  • Information Security Governance
    1. Information Security Governance Overview
    2. Effective Information Security Governance
    3. Governance and Third-party Relationship
    4. Information Security Governance Metrics
    5. Information Security Strategy Overview
    6. Developing an Information Security Strategy
    7. Information Security Strategy Objectives
    8. Determining Current State of Security
    9. Information Security Strategy Development
    10. Strategy Resources
    11. Strategy Constraints
    12. Action Plan to Implement Strategy
    13. Implementing Security Governance-Example
    14. Action Plan Intermediate Goals
    15. Information Security Program Objectives
    16. Case Study
  • Information Risk Management and Compliance
    1. Risk Management Overview
    2. Risk Management Strategy
    3. Effective Information Risk Management
    4. Information Risk Management Concepts
    5. Implementing Risk Management
    6. Risk Assessment and Analysis Methodologies
    7. Risk Assessment
    8. Information Resource Valuation
    9. Recovery Time Objectives
    10. Integration With Life Cycle Processes
    11. Security Control Baselines
    12. Risk Monitoring and Communication
    13. Training and Awareness
    14. Documentation
  • Information Security Program Development and Management
    1. Information Security Program Management Overview
    2. Information Security Program Objective
    3. Information Security Program Concepts
    4. Scope and Character of an Information Security Program
    5. The Information Security Management Framework
    6. Information Security Framework Components
    7. Defining an Information Security Program Road Map
    8. Information Security Infrastructure and Architecture
    9. Architecture Implementation
    10. Security Program Management and Administration Activities
    11. Security Program Services and Operational Activities
    12. Controls and Countermeasures
    13. Security Program Metrics and Monitoring
    14. Common Information Security Program Challenges
  • Information Security Incident Management
    1. Incident Management Overview
    2. Incident Response Procedures
    3. Incident Management Organization
    4. Incident Management Resources
    5. Incident Management Objectives
    6. Incident Management Metrics and Indicators
    7. Defining Incident Management Procedures
    8. Current State of Incident Response Capability
    9. Developing an Incident Response Plan
    10. Business Continuity and Disaster Recovery Procedures
    11. Testing Incident Response and Business Continuity/Disaster Recovery Plans
    12. Executing Response and Recovery Plans
    13. Post Incident Activities and Investigation

*Material is presented in English, while lecturing is in Bahasa Indonesia.

Duration: 4 Days
Package: Training + exam
