
Free training spotlight:
InfoSec program development and management

August 8, 2017

By TEKsystems

Ah yes, information security. We don’t need to watch “Mr. Robot” to know that hackers and cyber criminals are continually finding new ways to gain unauthorized access to data. Even if you’re an expert in the IT security field, hiring managers frequently look at training and certifications to see a drive to learn and improve your craft. Who else is going to one-up those hacker vigilantes and other bad actors?

If you’re an experienced IT security manager, we’re looking at you. TEKsystems conveniently offers our consultants a massive amount of free training through our partnership with Skillsoft: over 4,000 courses and 37,000 videos at your disposal. You have self-service access to InfoSec Skillsoft courses through the Virtual Support Community, or you can ask your recruiter for help.

Information Security Program Development and Management is a five-part course that prepares you for the Certified Information Security Manager (CISM) exam and covers the scope and charter of an InfoSec program, the components of a security framework, the many activities an information security manager is responsible for, and the metrics and monitoring practices that should be part of a security program.

Take a look at the lesson objectives to get an idea of what this course is all about.

CISM: Information Security Program Development and Management (Part 1)

  • Define the purpose of the Information Security Program Development and Management domain
  • Describe the tasks within the Information Security Program Development and Management job practice area
  • Describe the fundamentals of an information security program
  • Recognize how an information security program supports the objectives of information security governance
  • Identify the defining goals of the information security program
  • Identify key information security program concepts
  • Develop an information security program

CISM: Information Security Program Development and Management (Part 2)

  • Describe the function of COBIT 5 in the information security management framework
  • Identify the objectives of the information security management framework
  • Describe the function of ISO/IEC 27001:2013 in the information security management framework
  • Recognize the components of the information security management framework
  • Create an information security program road map
  • Recognize what the information security architecture involves
  • Recognize the questions an information security manager should ask when building an IS architecture
  • Develop an information security management framework

CISM: Information Security Program Development and Management (Part 3)

  • Identify responsibilities of an information security manager related to administering an information security program
  • Identify good practices related to security personnel and positive security culture
  • Identify areas that should be part of a security awareness program
  • Identify areas that an information security manager must be aware of and raise awareness of amongst security personnel
  • Identify responsibilities of an information security manager related to documentation
  • Identify project management processes that are performed by information security managers
  • Recognize key activities of the PDCA methodology
  • Identify key points regarding the evaluation of an information security program
  • Recognize key points related to information security management
  • Recognize key project management responsibilities of an information security manager
  • Recognize key points about evaluating an information security program

CISM: Information Security Program Development and Management (Part 4)

  • Match information organizational roles to their corresponding responsibilities
  • Determine the responsibilities of individuals within an organization related to standard security program components
  • Sequence the steps of a security review, given a scenario
  • Identify key points regarding audits that an information security manager should remember during program implementation
  • Identify preventive measures that minimize security risk
  • Identify the responsibilities of an information security manager with relation to compliance monitoring and enforcement
  • Recognize the results of commonly used risk analysis methods
  • Recognize the responsibilities of an information security manager related to monitoring and compliance
  • Identify activities that allow an information security manager to integrate a security program within an organization
  • Recognize strategies for managing risk of outsourcing when using third-party service providers
  • Recognize examples of cloud computing models
  • Recognize the responsibilities of an information security manager related to process integration and outsourcing

CISM: Information Security Program Development and Management (Part 5)

  • Distinguish between two types of information security controls
  • Recognize principles of effective security control
  • Recognize examples of physical, environmental, and technical controls
  • Distinguish between examples of controls and countermeasures
  • Identify factors to consider when recommending improvements to information security controls
  • Describe types of controls and how they are used in information security management
  • Explain the use of controls and countermeasures to manage risk
  • Categorize examples of information security metrics
  • Determine whether a given metric would be effective
  • Recognize examples of measures used to assess the effectiveness of an information security program
  • Recognize examples of monitoring activities
  • Recognize the relationship between information security metrics, measurement, and monitoring
  • Recognize effective approaches to measuring and monitoring an information security program
  • Recognize strategies for overcoming common challenges to information security management