Cari Training



Contact Expertindo

Kantor Expertindo Training
Jl. Kaliurang Km 10, Kompleks Perum Puri Gentan Asri No 11, Yogjakarta

Phone

  • 082327539001 - Tlp/SMS/WA (Triyuni Saputri)
  • 085385532986 - Tlp /SMS/WA (Nafis Afiana)
  • 081392639023 (Eli)

Fax: 0274-4532686

 

Email

mail@expertindo-training.com

expertindotraining@gmail.com









CERTIFIED INFORMATION SECURITY MANAGER (CISM)

Home / CERTIFIED INFORMATION SECURITY MANAGER (CISM)

Kategori:
Certification


Deskripsi

The Certified Information Security Manager® (CISM®) certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise’s information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential. The CISM job practice also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires.  The course contents are impregnated by standard course recognized by CISA ( Certified Information Security  Auditor)

Tujuan

The course has been designed to enhance the skill of participants in the area of security management, especially in relation to their day-to-day operation as related to information security management. The training shall provide the participant  with the following capabilities:

- Have thorough understanding on Common Body of Knowledge within the scope of  Information Security Management

- Enhanced knowledge and skill in dealing with the operational issues as related to information security within day-to-day installation operation

- Enhanced the skill in the design, implement, manage, and asses the organization’s  IT security system by applying the Common Body of Knowledge in CISM

- Prepare individual competency for the CISM professional exam

- To enhanced the skill of the participants in Information Secuity, and escalate their  management  proficiency with broad managerial perspective essential for their day-to-day IT security  operation and preparing the skill for IT security management  procedural set up.

Materi

1. Information Security Governance

2. Information Risk Management

3. Information Security Program(me) Development

4. Information Security Program(me) Management

5. Information Security Management

6. Incident and Respone Management

7. An Information ecurity steering group function

8. Legal and regulatory issues associated with internet businesses, global transmissions and trans border data flows

9. Common insurance policies and imposed conditions

10. Information security process improvement

11.  Recovery time objectives (RTO) for information resources

12.  Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.

13.  Security metrics design, development and implementation.

14.  Information security management due diligence activities and reviews of the infrastructure.

15.  Events affecting security baselines that may

16.  The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.

17.  External vulnerability reporting sources

18.  The key components of cost benefit analysis and enterprise migration plans

19.  Privacy and tax laws and tariffs, data import/export restrictions, restrictions on cryptography, warranties, patents, copyrights, trade secrets, national security

20.  CISM information classification methods

21.  Life-cycle-based risk management principles and practices.

22.  Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.

23.  Security baselines and configuration management in the design and management of required risk assessment

24.  Changes to information security requirements in security plans, test plans and re-performance

25.  Disaster recovery testing for infrastructure and critical business applications, business applications and the infrastructure

26.  Acquisition management methods and techniques

Evaluation of vendor service level agreements, preparation of contracts) CISM question and answer


 Metode :

       Presentation

       Discussion

       Case Study

Investasi dan Fasilitas

   Quota minimum 2 peserta

   Fasilitas : Certificate,Training kits, USB,Lunch,Coffe Break, Souvenir 

   Untuk peserta luar kota disediakan transportasi antar-jemput dari Bandara/Stasiun ke Hotel (Bagi Perusahaan yang mengirimkan minimal 3 orang peserta). 

 

Instruktur

Dr. Ir. Fauzi Hasan. MM, MBA, and Team