The CISM Online Review Course is an online preparation course that will prepare you for the CISM certification exam using proven instructional design techniques and interactive activities. The course covers all four of the CISM domains. The course incorporates video, interactive eLearning modules, downloadable, interactive workbooks, downloadable job aids, case study activities, and pre- and post-course assessments. You will be able to navigate the course at your own pace, following a recommended structure, or target preferred job practice areas. You may also start and stop the course based on your study schedule, picking up exactly where you left off the next time they access.
Trained by ISACA. Certified by ISACA.
At the completion of this course the learner will be able to:
- Establish and/or maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives.
- Manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives.
- Develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture.
- Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.
- 50 questions
- Results broken down per domain
- Welcome video
- Getting started Job Aid
Domain 1 – Information Security Governance
- Explain the need for and the desired outcomes of an effective information security strategy
- Create an information security strategy aligned with organizational goals and objectives
- Gain stakeholder support using business cases
- Identify key roles and responsibilities needed to execute an action plan
- Establish metrics to measure and monitor the performance of security governance
Domain 2 – Information Risk Management
- Explain the importance of risk management as a tool to meet business needs and develop a security management program to support these needs
- Identify, rank, and respond to a risk in a way that is appropriate as defined by organizational directives
- Assess the appropriateness and effectiveness of information security controls
- Report information security risk effectively
Domain 3- Information Security Program Development and Management
- Align information security program requirements with those of other business functions
- Manage the information security program resources
- Design and implement information security controls
- Incorporate information security requirements into contracts, agreements and third-party management processes
Domain 4 – Information Security Incident Management
- Understand the concepts and practices of Incident Management
- Identify the components of an Incident Response Plan and evaluate its effectiveness
- Understand the key concepts of Business Continuity Planning, or BCP and Disaster Recovery Planning, or DRP
- Be familiar with techniques commonly used to test incident response capabilities
CISM Sample Exam
Delivery Method: Online, self-paced
Duration: Approximately 17 hours
Subscription: 1 year access to the course
Price: ISACA Members: $795 / Non-members: $895
- Interactive Content
- Downloadable workbooks and job aids
- Case study activities
- Practice exam
- Professionals preparing to become CISM certified
- CISA or CISSP-certified individuals looking to move into information security management
- General security management professionals looking to move into information security
- Information security managers
- Mid-level career change
CPE Hours: 21
Level: Beginner – Intermediate
For More Information: https://support.isaca.org
All purchases of online learning courses are final. Access to the online learning courses and materials is immediate upon purchasing; therefore, no refunds or exchanges will be provided. Prices subject to change without notice.
Online review courses are also available for purchase through our enterprise sales team for larger organizations. Visit the Enterprise Training page and reach out to an associate for more information.