You are cordially invited to join the training for one of the most recognized information security certificates in the world – CISM (Certified Information Security Manager). The review course will be led online by the accredited trainer Uroš Žust. The training will follow the updated CISM curriculum, which applies to exams from June 1st 2022 onward.
When?
From July 4th to 8th 2022
How?
Online (Zoom), in English
A few facts about CISM
What is CISM?
ISACA’s Certified Information Security Manager® (CISM®) certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need.
Program
1 | Information Security Governance |
A | Enterprise Governance |
1A1 | Organizational Culture |
1A2 | Legal, Regulatory, and Contractual Requirements |
1A3 | Organizational Structures, Roles, and Responsibilities |
B | Information Security Strategy |
1B1 | Information Security Strategy Development |
1B2 | Information Governance Frameworks and Standards |
1B3 | Strategic Planning (e.g., budgets, resources, business case) |
2 | Information Security Risk Management |
A | Information Security Risk Assessment |
2A1 | Emerging Risk and Threat Landscape |
2A2 | Vulnerability and Control Deficiency Analysis |
2A3 | Risk Assessment and Analysis |
B | Information Security Risk Response |
2B1 | Risk Treatment / Risk Response Options |
2B2 | Risk and Control Ownership |
2B3 | Risk Monitoring and Reporting |
3 | Information Security Program |
A | Information Security Program Development |
3A1 | Information Security Program Resources (e.g., people, tools, technologies) |
3A2 | Information Asset Identification and Classification |
3A3 | Industry Standards and Frameworks for Information Security |
3A4 | Information Security Policies, Procedures, and Guidelines |
3A5 | Information Security Program Metrics |
B | Information Security Program Management |
3B1 | Information Security Control Design and Selection |
3B2 | Information Security Control Implementation and Integrations |
3B3 | Information Security Control Testing and Evaluation |
3B4 | Information Security Awareness and Training |
3B5 | Management of External Services (e.g., providers, suppliers, third parties, fourth parties) |
3B6 | Information Security Program Communications and Reporting |
4 | Incident Management |
A | Incident Management Readiness |
4A1 | Incident Response Plan |
4A2 | Business Impact Analysis (BIA) |
4A3 | Business Continuity Plan (BCP) |
4A4 | Disaster Recovery Plan (DRP) |
4A5 | Incident Classification/Categorization |
4A6 | Incident Management Training, Testing, and Evaluation |
B | Incident Management Operations |
4B1 | Incident Management Tools and Techniques |
4B2 | Incident Investigation and Evaluation |
4B3 | Incident Containment Methods |
4B4 | Incident Response Communications (e.g., reporting, notification, escalation) |
4B5 | Incident Eradication and Recovery |
4B6 | Post-incident Review Practices |
Trainer
Uroš is a director in Broader Assurance Services for SEE at PwC Slovenia. He has more than 17 years of experience in IT auditing, cyber security, security assessments, risk management and corporate compliance management across a wide range of industries. He gained this experience both in Europe and in the US, where he lived and worked for 5 years.
He is an accredited trainer for ISACA CISA and CISM certification and a seasoned presenter who has led the aforementioned trainings in Slovenia, the US, Serbia and the Czech Republic.
PRICE & APPLICATION
The regular price for attending this 5-day course is 897 EUR + VAT. If you are a member of ISACA, your price is 570 EUR + VAT.
Participation must be paid in advance. Your application can be cancelled without penalty by June 27th 2022. A cancellation after this date will not result in a refund. ISACA Slovenian Chapter reserves the right to cancel the training (for any reason) before the start of the training.