CISM Exam Preparation

Introduction to CISM
In this introductory training Nugget, we go over what to expect in this series and give an overview of the CISM certification exam. Note: This vendor-independent certification is only administered twice per year.

Information Security Governance (Part 1)
The first of a three-part training covering information security governance: overview and definitions.

Information Security Governance (Part 2)
We continue to cover ISG in part 2 of the training: scope, metrics, strategy goals and objectives overview. Remember, this topic is 23% of the overall exam.

Information Security Governance (Part 3)
Time to conclude the three-part training coverage of the ISG portion of the CISM certification exam. This part covers approaches to security framework, strategy resources and constraints, and the action plan for strategy.

Risk Management (Part 1)
Ready for Risk? In this Nugget, we will begin training on Risk Management. This is an important topic and 22% of the CISM exam. We will break this topic up into 3 parts. Part 1: definition, overview, strategy, effective risk management.

ISACA - CISM

Risk Management (Part 2)
Part two of the training will cover: the process, define framework, analysis framework, and assessment overview.

Risk Management (Part 3)
We conclude the Risk Management portion of the CISM certification exam training by covering: threats and vulnerabilities, operational risk categories, risk response, impacts, controls and countermeasures.

Information Security Program Development (Part 1)
Information Security Program Development is the third domain and one of the smaller domains in the CISM certification exam. While this is only 17% of the CISM exam, we will go through this training in 3 parts. Part 1: overview, importance and results, management workflow, relevant technologies and security manager.

Information Security Program Development (Part 2)
Part 2 of your CISM training on ISPD will cover: scope, challenges, objectives, strategy, development roadmap.

Information Security Program Development (Part 3)
The conclusion to the ISPD section of the CISM training will cover: documentation requirements, operational security architecture and the SABSA framework for security management.

Security Program Management (Part 1)
It is important that you master this topic of Security Program Management. The CISM certification exam puts the highest emphasis on this topic. Again, we will break this training into three parts. Part 1: Overview, results of effective scheme, roles and responsibilities and framework.

Security Program Management (Part 2)
Security training, part two: performance measurement, obstacles, evaluation, and management resources.

Security Program Management (Part 3)
Let's wrap up the Security Program Management training topic in part 3. Part 3 will cover: policies and standards, metrics and monitoring, control testing, third-party providers, life cycle integration, communication, documentation, assurance integration, acceptable use policies, assigning roles and responsibilities, change management, vulnerability assessment, due diligence and resolving non-compliance.

Incident Management and Response (Part 1)
The final domain of the training series for the CISM certification exam is Incident Management and Response. Part 1 includes: overview, concepts and technologies, manager responsibilities and objectives, metrics, indicators, procedures, resources and a closer look at BIA.

Incident Management and Response (Part 2)
Let's dive into the final CISM training Nugget, with part 2 of the incident management topic. Part 2: evaluating the state of incident response, developing the plans, testing the plans, implementing the plans, documentation and post review.

Security Governance Update
Training Update: This update covers the changes to the CISM certification exam on the Security Governance topic.

Risk Management
Content Update: This training update covers the changes to the CISM certification exam on the Risk Management topic.

Security Program Development Update
Content Update: This training update covers the changes to the CISM certification exam on the Security Program Development topic.

Information Security Management Update
Training Update: This update covers the changes to the CISM certification exam on the Information Security Management topic.

Incident Management and Response Update
Training Update: This update covers the changes to the CISM certification exam on the Incident Management and Response topic.
