CISM (Update 2021)

  • Total Course Video Hours: 17 Hrs 18 Min
  • Videos: 48
  • Course Access: 12 Months Unlimited Access
  • Study Method: Online Video Lessons
  • Course Type: Certificate Course
  • Award: Cyber Studies Institute

The CISM training course is designed to provide on-the-job skills as well as the knowledge needed to pass the Certified Information Security Manager (CISM) certification exam. This is advanced-level cybersecurity training, intended to be taken after completing PenTest+, CySA+, and various higher-level certifications in Cisco and Microsoft.

The course instructor is Roger St Hilaire, with 30+ years of experience and CISM, CGEIT, MOF, TOGAF & PSP-Rainmaker Foundation Certifications.

The course will cover the following list of main areas, spanning the four domains of the CISM practice and the related tasks. The CISM Exam Preparation Course Outline is as follows:

  • Information Security Defined
  • Information Security Principles
  • Support the Business
  • Defend the Business
  • Promote Responsible Information Security Behavior

DOMAIN 1 – Information Security Governance

  • Section One: Designing a Strategy and Governance Framework
  • Section Two: Gaining Management Approval
  • Section Three: Implementing the Security Strategy

DOMAIN 2 – Information Security Risk Management

  • Section One: Risk Identification
  • Section Two: Risk Analysis and Treatment
  • Section Three: Risk Monitoring and Reporting

DOMAIN 3 – Information Security Program Development and Management

  • Section One: Alignment and Resource Management
  • Section Two: Standards Awareness and Training
  • Section Three: Building Security into Processes and Practices
  • Section Four: Security Monitoring and Reporting

DOMAIN 4 – Information Security Incident Management

  • Section One: Planning and Integration
  • Section Two: Readiness and Assessment
  • Section Three: Identification and Response
  • Exam Techniques
  • ISACA Requirements for Certification:
  • To facilitate the student’s understanding of ISACA’s approach to information security, and its related concepts such as risk.
  • Develop an understanding of key practices in the governance, management of risk, program development, and incident management in the realm of information security.
  • Ensure that the student is appropriately prepared for successful completion of the Certified Information Security Manager exam given by ISACA on the first attempt.

Instructor bio
Roger St Hilaire

CISM, CGEIT, CRISC, TOGAF, Certified Trainer and Governance Specialist

Designed the first knowledge engine for UNDP SubRegional Resource Facility. The system,
known as the Request Tracker, facilitated workflow-based tracking of all queries coming into
the organization from inception along with all the work done including searches and
documents shared with the client. It tracked time used in addressing the query, the material
used to solve the query and any additional supplemental information shared with the client in
solving the issue at hand. The system keeps all queries categorized according to the UNDP
keyword data set, and was fully searchable by staff for reuse of information in solving new
queries. Additionally, the system via a single click could report on the productivity of staff by
staff member based on time period categorizing the results in the UNDP focus areas.

Took over the management and growth of a $70 million USD dual data centre national
network system for the Trinidad and Tobago Government. Expanding it from 400+ connected
sites to 512 within one year with no breaches and increasing customer satisfaction with use
of the network. Motivated the teams and increased team morale while increasing performance
to handle upward of 2000 Queries per month with a customer satisfaction rating of 4.5 out of
a possible 5.

Negotiated with vendors to support the organization during a crisis event to the tune of
approximately $200K USD committed support with no payback required.

Saved a BPR client $60K USD by reviewing and realigning the analysis of one of their
support lines. The actions improved the organization’s ability to support its field teams and
streamline its update and testing metrics for increased reliability.

Improved security for BPR client by reviewing the processes used for information exchange,
and metrics used for management of funds on site at the retail outlets.

Course Prerequisites

Understanding of information security concepts

Some background in technology and information management

Course Objective

In this course, you will learn how to:

Design and Implement a Security Strategy and Governance Framework

Leverage the Enterprise Risk Management Practice in the organization for identification,
analysis, treatment and monitoring of Security Risks.

Develop and Implement a Security Program

Manage Information Security Incident Management

Course Duration


Course outline

Module 1: Introduction

1.1 Instructor Introduction

1.2 Course Introduction

1.3 Exam Overview

Module 2: M1 Information Security Governance

2.1 Module Overview

2.2 InfoSec Strategic Context Part 1

2.3 InfoSec Strategic Context Part 2

2.4 GRC Strategy and Assurance

2.5 Roles and Responsibilities

2.6 GMA Tasks Knowledge and Metrics

2.7 IS Strategy Overview

2.8 Strategy Implementation

2.9 Strategy Development Support

2.10 Architecture and Controls

2.11 Considerations and Action Plan

2.12 InfoSec Prog Objectives and WrapUp

Module 3: Information Security Risk Management

3.1 Module Overview

3.2 Risk Identification Task and Knowledge

3.3 Risk Management Strategy

3.4 Additional Considerations

3.5 Risk Analysis and Treatment Tasks & Knowledge

3.6 Leveraging Frameworks

3.7 Assessment Tools and Analysis

3.8 Risk Scenario Development

3.9 Additional Risk Factors

3.10 Asset Classification and Risk Management

3.11 Risk Monitoring and Communication

3.12 Information Risk Management Summary

Module 4: InfoSec Prog Development and Management

4.1 Module Overview

4.2 Alignment and Resource Management Task and Knowledge

4.3 Key Relationships

4.4 Standards Awareness and Training Tasks and Knowledge

4.5 Awareness and Training

4.6 Building Security into Process and Practices Tasks and Knowledge

4.7 Additional Technology Infrastructure Concerns

4.8 Security monitoring and reporting Overview Tasks and Knowledge

4.9 Metrics and Monitoring

4.10 Summary

Module 5: Information Security Incident Management

5.1 Module Overview

5.2 Planning and Integration Overview Task and Knowledge

5.3 Incident Response Concepts and Process

5.4 Forensics and Recovery

5.5 Readiness and Assessment Overview Tasks and Knowledge

5.6 Identification and Response Overview Tasks and Knowledge

5.7 Incident Processes

Module 6: Exam Prep

6.1 Case Study Security On a Shoestring Budget

6.2 Case Study APT In Action

6.3 Summary

6.4 Exam Prep

1 review for CISM (Update 2021)

  1. Noluthando

    I’m forever grateful to CSI for providing such an outstanding course.

CompTIA Authorized Partner

Cyber Studies Institute (Pty) Ltd is proud to be an Official CompTIA Authorized Partner, ensuring that you receive the best training in the world.
