Certified Information Security Manager (CISM)
CISM (Certified Information Security Manager) is an advanced certification that signifies an individual's expertise and experience in developing and managing robust enterprise information security programs.
ISACA's Certified Information Security Manager (CISM) certification is tailored for professionals with deep technical knowledge and practical proficiency in IS/IT security and control, aspiring to transition from a team member to a managerial position. By attaining the CISM certification, you enhance your credibility and confidence when engaging with internal and external stakeholders, peers, and regulatory bodies.
With a strong emphasis on management, ISACA's CISM certification equips professionals to strategically design, construct, and oversee comprehensive enterprise information security programs. By achieving this esteemed credential, you become part of an expanding and esteemed community of information security experts dedicated to safeguarding organizations from evolving cyber threats.
Funding by SSG - Up to 70% of the course fees (excluding GST) and Applicable for *UTAP*
Certified Information Security Manager (CISM)
Certified Information Security Manager (CISM) is globally recognized as the gold standard for professionals aspiring to excel in information security. It symbolizes expertise, dedication, and a deep commitment to ensuring robust information security practices.
Our comprehensive CISM training course delves into the essential aspects of constructing, developing, and governing information security operations. By completing this rigorous program, participants enhance their value within their organizations and gain a competitive edge in the market. The knowledge and skills acquired through this training enable professionals to implement information security governance and drive successful program development effectively.
By becoming a certified CISM professional, you will position yourself as a trusted authority in information security. Gain recognition from industry peers, attract new clients, and elevate your career to new heights.
Here's why AgileAsia is the ideal choice for your CISM training:
Expertise: Our trainers are highly experienced and possess extensive knowledge of information security management. They bring real-world industry insights and practical knowledge to the training sessions, ensuring a comprehensive learning experience.
Comprehensive Curriculum: Our CISM course is designed to cover all aspects of information security management, including the development, implementation, and governance of information security programs. The curriculum is aligned with the latest industry standards and best practices, equipping you with the knowledge and skills needed to excel in your role.
Interactive Learning Environment: We believe in engaging and interactive learning experiences. Our training sessions incorporate various teaching methods, including case studies, group discussions, and practical exercises. This approach ensures that you understand the concepts and know how to apply them effectively.
Industry Recognition: AgileAsia is recognized for its high-quality training programs and industry-leading certifications. By choosing AgileAsia for your CISM training, you align yourself with a reputable organization that produces skilled and competent professionals.
Support and Resources: We provide ongoing support after completing the training program. We want you to know that we aim to ensure your success in implementing information security governance and program development within your organization. You can access additional materials, participate in discussion forums, and seek guidance from our experts whenever you need it.
By choosing AgileAsia for your CISM training, you invest in your professional growth and future success in information security management. Join us and become part of a thriving community of professionals committed to excellence in information security.
- Evaluate information security governance, risk, and implications: Gain the ability to assess the current state of information security governance within an organization, identify risks, and understand the impact of those risks.
- Develop an information security governance process aligned with organizational goals: Learn strategies and techniques for developing an effective information security governance process that supports the goals and objectives of the organization. This includes incorporating cyber risk assessment methodologies.
- Enhance information security governance given frameworks and emerging risks: Understand common frameworks and standards for information security governance and stay updated on emerging security risks and threats. Learn how to adapt and improve the governance process accordingly.
- Implement information security risk management: Acquire the skills to identify, assess, treat, and monitor information security risks within an organization. Learn how to develop and implement risk management strategies to safeguard critical assets.
- Evaluate resource requirements for implementing an information security program: Assess the human and technological resources needed to establish and maintain an effective program. Understand the cost implications and potential benefits of implementing such a program.
- Develop an information security roadmap and strategy: Create a comprehensive roadmap and strategy for developing and implementing an information security program. Address potential cyber security risks and ensure the program aligns with organizational objectives.
- Establish an incident response management program: Learn how to develop an incident response management program to identify and address cybersecurity vulnerabilities effectively. Be prepared to handle incidents and minimize the impact on the organization's security.
By the end of this course, participants will have the knowledge and skills to evaluate information security governance, develop effective strategies, implement risk management practices, and establish incident response programs. This will enable them to contribute to the overall security posture of their organizations and effectively manage potential cyber security risks.
Understand the future of IT-oriented security and risk environment: Gain insights into the evolving landscape of IT security and risk and equip yourself with the knowledge and skills to navigate this dynamic field. Ensure that your organization's governance objectives are achieved in this ever-changing environment.
Identify, design, and implement a comprehensive information security program: Learn the technical skills and knowledge necessary to identify potential security risks, design robust security measures, and implement an effective program. This includes understanding the latest industry best practices and techniques.
Manage information security on a day-to-day basis: Acquire the skills to effectively manage and oversee the day-to-day operations of an information security program. Ensure that the goals of information security align with the overall organizational objectives and that the information and related technologies are used responsibly.
Understand the relationship between executive leadership, enterprise governance, and information security governance: Explore the crucial relationship between organizational leadership, enterprise governance, and information security governance. Learn how these elements intersect and influence each other to ensure adequate information security management.
Develop an information security strategy: Outline the key components of a robust information security strategy. Understand how to align the system with organizational goals and objectives and ensure its effectiveness in mitigating risks and protecting critical assets.
Influence the information security strategy through risk assessment: Understand how the risk assessment process plays a vital role in shaping the information security strategy. Learn to identify and assess risks, prioritize actions, and make informed decisions to mitigate potential threats.
Develop an information risk response strategy: Articulate the process and requirements for an effective information risk response strategy. Learn how to proactively address and manage risks, ensuring a swift and efficient response to potential security incidents.
Build and maintain an enterprise information security program: Understand the components necessary for building and maintaining a comprehensive enterprise information security program. Gain insights into the organizational structures, policies, procedures, and technologies required to ensure the program's effectiveness.
Assess the enterprise's readiness to manage information security incidents: Learn techniques to assess the enterprise's ability and willingness to handle information security incidents. Understand how to effectively evaluate and strengthen response and recovery capabilities to address security breaches.
Measure and improve response and recovery capabilities: Explore methods to measure, evaluate, and continuously improve the response and recovery capabilities of an organization's information security program. I'd like you to learn how to enhance incident management processes and ensure a resilient and proactive approach to security incidents.
Identify critical issues and customize company-specific practices: As a CISM-certified professional, you will have the expertise to identify essential information security issues and tailor practices that align with your organization's unique needs. This enables effective governance of information and related technologies, ensuring the confidentiality, integrity, and availability of valuable assets.
Enhance enterprise credibility: Earning the CISM certification brings credibility to your enterprise. This certification demonstrates your commitment to excellence in information security management and assures stakeholders, including clients, partners, and regulators, that the organization takes security seriously.
Gain a comprehensive view of information systems security management: The CISM certification provides a holistic understanding of security management and its vital role in achieving organizational success. You will develop the knowledge and skills to address complex security challenges and make informed decisions to protect critical assets.
Communicate a commitment to compliance, security, and integrity: CISM certification is a powerful message to enterprise customers, showcasing your organization's dedication to compliance, safety, and integrity. This commitment contributes to the attraction and retention of customers, instilling confidence in their interactions with your organization.
Improve alignment with organizational goals and objectives: With CISM certification, you will ensure improved alignment between your organization's information security program and its broader goals and objectives. Integrating security into the organizational strategy can drive effective risk management, resource allocation, and decision-making processes.
Gain recognition from multinational clients and enterprises: The CISM certification is recognized and respected globally by global clients and enterprises. By holding this certification, you enhance the reputation and credibility of your enterprise in the international marketplace, opening doors to new opportunities and collaborations.
By attaining the CISM certification, you position yourself as a trusted information security professional equipped with the knowledge and skills to navigate complex security challenges and contribute to the success and growth of your organization.
Course Name: Certified Information Security Manager (CISM)
Course Duration: 4 Days
Course Fees: $2,240.00 (exclusive of GST and Exam Fees)
Funding: Up to 70% (by SSG)
After 70% Subsidy: $851.20
After 50% Subsidy: $1,299.20
Can claim UTAP: Yes
Can use skillsfuture credit: Yes
Exam Fees: $600.00 (together with course), or $900.00 (just exam voucher)
Curriculum
Module 1
Information Security Governance
- Describe the role of governance in creating value for the enterprise.
- Explain the importance of information security governance in the context of overall enterprise governance.
- Describe the influence of enterprise leadership, structure, and culture on the effectiveness of an information security strategy.
- Identify the relevant legal, regulatory, and contractual requirements that impact the enterprise.
- Describe the effects of the information security strategy on enterprise risk management.
- Evaluate the common frameworks and standards used to govern an information security strategy.
- Explain why metrics are critical in developing and evaluating the information security strategy.
Module 2
Information Risk Management and Compliance
- Apply risk assessment strategies to reduce the impact of information security risk.
- Assess the types of threats faced by the enterprise.
- Explain how security control baselines affect vulnerability and control deficiency analysis.
- Differentiate between the application of risk treatment types from an information security perspective.
- Describe the influence of risk and control ownership on the information security program.
- Outline the process of monitoring and reporting information security risk
Module 3
Information Security Program Development and Management
- Outline the components and resources used to build an information security program.
- Distinguish between common IS standards and frameworks available to build an information security program.
- Explain how to align IS policies, procedures, and guidelines with the needs of the enterprise.
- Describe the process of defining an IS program road map.
- Outline key IS program metrics used to track and report progress to senior management.
- Explain how to manage the IS program using controls.
- Create a strategy to enhance awareness and knowledge of the information security program.
- Describe the process of integrating the security program with IT operations and third-party providers.
- Communicate key IS program information to relevant stakeholders
Module 4
Information Security Incident Management
- Distinguish
between incident management and incident response.
- Outline the
requirements and procedures necessary to develop an incident response plan.
- Identify
techniques used to classify or categorize incidents.
- Outline the
types of roles and responsibilities required for an effective incident
management and response team.
- Distinguish
between the types of incident management tools and technologies available to an
enterprise.
- Describe
the processes and methods used to investigate, evaluate and contain an
incident.
- Identify
the types of communications and notifications used to inform key stakeholders
of incidents and tests.
- Outline the
processes and procedures used to eradicate and recover from incidents.
- Describe
the requirements and benefits of documenting events.
- Explain the
relationship between business impact, continuity, and incident response.
- Describe
the processes and outcomes related to disaster recovery.
- Explain the impact of metrics and testing when evaluating the incident response plan.
Upcoming Course Schedules & Details
| No Upcoming Schedules |
Please Note:
- Our classes are conducted at our office training venues.
Funding Eligibility
| Individual - Singaporeans aged 40 & above | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 70 % |
| Nett Fees | $ 672.00 |
| GST | $ 201.60 |
| Nett Fees + GST | $ 873.60 |
| Individual - Singaporeans aged below 40 & All PRs | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 50 % |
| Nett Fees | $ 1120.00 |
| GST | $ 201.60 |
| Nett Fees + GST | $ 1321.60 |
| Others | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 0 % |
| Nett Fees | $ 2240.00 |
| GST | $ 201.60 |
| Nett Fees + GST | $ 2441.60 |
Please Note:
INDIVIDUAL SPONSORED -
SkillsFuture Credit:
- Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fees payable after funding.
UTAP:
- NTUC Members can enjoy up to 50% of funding (capped at $250 per year) under UTAP.
PSEA:
- Eligible Singapore Citizens can use Post-Secondary Education Account funds to offset course fees payable after funding.
- For physical class, check my SkillsFuture (TGS-2023020112), and scroll down to the "Keyword Tags" section for PSEA eligibility verification.
- Not all courses are eligible for PSEA funding.
COMPANY SPONSORED -
Absentee Payroll (AP) Funding:
- $4.50/ hour, capped at $100,000 per organization per calendar year.
- Absentee Payroll funding will be computed based on the actual number of training hours attended by the trainee.
- Training is fully sponsored by the company, which is registered or incorporated in Singapore.
- Sponsored employee must be a Singapore Citizen or Singapore Permanent Resident and attend both training and final assessment (FA) on the assigned date and achieve a minimum of 75% attendance, and be certified competent in all the assessment components.
- Should the sponsored employee fail to meet the attendance/ assessment requirements and/or terms and conditions of SSG’s funding, the company will not be eligible.
For the latest SSG subsidy scheme, please refer to SSG website https://www.skillsfuture.gov.sg/
There are no prerequisite requirements for taking the CISM Course or the CISM exam.
To apply for CISM certification, you must have five or more
years of professional experience in information security management, including
at least three years of practical experience in one of the areas listed below.
At the discretion of ISACA, you will be eligible to claim certain security or
information system certification degrees or credentials for up to two years of
the required five years of experience.
- Duration: 4 Hours
- Number of questions: 150
- Question format: Multiple Choice
- Passing marks: 450 out of 800
- Exam language: English
In addition to passing the examination, there are additional requirements for obtaining the certificate. These can be found at: https://www.isaca.org/credentialing/cism/get-cism-certified
The certification is valid for a period of 3 years. Certified CISM’s must complete the re-certification process every three years in order to retain the qualification.
The certification is valid for a period of 3 years.
Certified CISM’s must complete the re-certification process every three years in order to retain the qualification.
To apply for CISM certification, you must have five or more
years of professional experience in information security management, including
at least three years of practical experience in one of the areas listed below.
At the discretion of ISACA, you will be eligible to claim certain security or
information system certification degrees or credentials for up to two years of
the required five years of experience.
Click here to read about our Refund Policy and Process
Testimonials
Never have I attended such an engaging course and it makes my journey of Agile and Scrum journey much more fun and fulfilling. Trainer Stuart Mitchell has definitely take up the standard of teaching and coaching up many notches. Very insightful views from vast working experiences that Stu has. Highly recommended!
Eugene Lee
Project Manager
Dennis and team are just simply great to work with. They are prompt with their replies and clear with their instructions to ensure that learners get the best experience and learning journey with them. That's why I had chosen to go back to them for my CSPO course after taking my CSM course with them. I am looking forward to the post course gatherings and informal trainings which I heard they they organize after Covid.
Edwin Anuruddha Chow
Event Manager
The class was conducted in the best way possible (online zoom classes)! Stu is really passionate and shares many tips on facilitation. Highly recommend to anyone!
Quah Kai Li
Senior Auditor
Thanks for the CSM course, I found it a rewarding experience. The course was well set out, easy to understand, and had an amazing trainer and coach (Stuart). It wasn’t just about certification, but also gave insights to a lot of engagement techniques and real world experiences. I would highly recommend this course.
Shibil Poulose
Senior Director at VISA Singapore
The CSPO course that I took recently from Agile Asia was excellent. The instructor Mr.Sam had made us understand the responsibility of a PO very easily, with good hands-on practices and Q&A sessions after each topic. I would recommend this course for anyone, who would like to acquire Agile skills in a short period.
Renganayaki Ramasamy
Junior Product Associate
Absolutely wonderful course - The 2-day program was concise yet informative, also very engaging. Highly recommend anyone looking to do Certified Scrum Master to go with Agile Asia. The payment was also fuss-free, and if you are Singaporean, Skillsfuture credits were easily utilized
Abby Zhijun Wu
Software Engineers
Excellent course. The trainer was very interactive and provided very useful examples and facilitation techniques that are relatable in the working world. It was a good and enriching experience engaging with the trainer and other team members via the different platforms used throughout the course.
Lydiawati
Junior Product Associate
The program was concise and practical. I get to walk through the entire scrum process. Stu guided the team into role-playing for experiential learning! Much enjoyed! Word of caution: High energy and focus required throughout the course.
Terry Ng
Software Engineers
One of the best providers in the agile training space. The facilitators Stu and Sam have been there are done Scrum in large organizations and bring a wealth of knowledge. They convey concepts so well during classes that even people without a prior background can assimilate the knowledge easily.
Ajay Kumar Venkatasubramanian
Junior Product Associate
Attended CSM course by Stu Mitchell. Really enjoyed his lesson. Taught us how to be a good ScrumMaster. The techniques and case studies and engagement by the trainer, really showed the role is key in the scrum team. Definitely recommend.
Herman Shah
Software Engineers
This is an excellent training program conducted by a highly professional, knowledgeable and practicing trainer supported by a very motivated team. Stu Mitchell demonstrated in the real-life example of how to facilitate a Scrum team as a Scrum Master. His role plays often depict the real-life example
Poh Sing Low
Software Engineers
Thanks again for the course, I found it excellent and connected directly to all the challenges we talked through (especially as I am in large scale scrum delivery, plugging into multiple waterfall teams/cultures - not easy!).
S. Davidson
Executive Director, JP Morgan (October 2017)
As a course participant you will definitely learn how to implement Scrum, but more importantly, exposure to Stuart’s passion will give you both critical insights into the underlying, non obvious, issues and tools and techniques you can use to immediately increase the odds that your orgnanization’s
R. Roach
CSM Trainer (TCS)
I cleared my Scrum Master certification examination with 100% mark. I am so grateful for your efforts! Stuart is an incredible trainer. I will highly recommend you to my friends and colleagues
A. Nath
Trainer (Oracle)
I had some agile experience going into the training, and it was very helpful to learn what I do well. More importantly, I learned what I don’t do well and how to change that.
C.Popescu
Senior Scientist at Oracle