Certified Information Security Manager® (CISM)
CISM (Certified Information Security Manager) is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.
ISACA’s Certified Information Security Manager (CISM) certification is for those with technical expertise and experience in IS/IT security and control who want to make the move from team player to manager. CISM can add credibility and confidence to your interactions with internal and external stakeholders, peers, and regulators.
ISACA’s CISM (Certified Information Security Manager) certification is a management-focused certification designed for professionals who design, build and manage enterprise information security programs. Achieving this leading information security credential will help you join a growing and elite network.
Launching Soon - Reserve your slot first
Certified Information Security Manager® (CISM)
Certified Information Security Manager (CISM) has been accepted as the universal standard to strive towards the sphere of information security, thus depicting the qualification as a prominent representation of expertise and commitment.
This Certified Information Security Manager (CISM) training course focuses on the construction, development, and governance of information security operations. Successfully completing this CISM Training makes delegates valuable for their organisation and helps to expand their clientele due to their implementation of information security governance and program development.
- Premier Training Provider specializing in Agile Training, with up to 70% fees subsidy + UTAP claimable courses.
- Trained > 10,000 participants locally for the past two years, conducted by Top Scrum Alliance Certified Trainers from the UK and Australia with > 15 years of hands-on experience in the Agile landscape.
- Fun and engaging activities-based learning, with lifelong online support for individual learners and transformation consultation sessions for corporate partners after course completion.
- Explore the CISM course and discover how it can add value to you in IT Governance
- Acquire knowledge on how the Governance process works, understanding the organizational goals and objectives, strategy, and how IT and IT security strategies align with organizational goals and objectives
- Learn how to develop and implement the IT Security strategies and the resources needed, and the constraints in achieving them
- Learn how Risk Management helps to achieve the goals and objectives and the process of IT risk management, including identification, assessment, treatment, and monitoring of risk
- Understand the frameworks required to implement an Information Security Program
- Understand and develop the resources required and the constraints that need to be addressed to implement an Information Security Program
- Learn about the desired state and the current state of Information Security and the requirement of gap analysis to develop the road map and strategy for program development
- Understand the role of metrics in the Information Security Program Implementation
- Learn about Incident management and how it helps in Governance and Risk Management
- Explore the steps involved in developing, implementing, and maintaining an Incident response management program.
After
completing this course, participants should be able to:
- Explain the
relationship between executive leadership, enterprise governance, and
information security governance
- Outline the
components used to build an information security strategy
- Explain how
the risk assessment process influences the information security strategy
- Articulate the
process and requirements used to develop an effective information
risk response strategy
- Describe
the components of an effective information security program
- Explain the
process to build and maintain an enterprise information security program
- Outline
techniques used to assess the enterprise’s ability and readiness to manage
an information security incident
- Outline
methods to measure and improve response and recovery capabilities
- Identify critical issues and customize company-specific
practices to support the governance of information and related technologies
- Bring credibility to the enterprise for which they are
employed
- Take a comprehensive view of information systems security
management and their relationship to organizational success
- To enterprise customers about their commitment to
compliance, security, and integrity, and ultimately contribute to the
attraction and retention of customers
- Ensure that there is improved alignment between the organization's
information security program and its broader goals and objectives
- Provide the enterprise with a certification for Information
security management that is recognized by multinational clients and
enterprises, lending credibility to the enterprise
Course Name: Certified Information Security Manager® (CISM)
Course Duration: 4 Days
Course Fees: $2,240.00 (exclusive of GST)
Certification Fees: Not inclusive
Curriculum
Module 1
Information Security Governance
- Describe the role of governance in creating value for the enterprise.
- Explain the importance of information security governance in the context of overall enterprise governance.
- Describe the influence of enterprise leadership, structure, and culture on the effectiveness of an information security strategy.
- Identify the relevant legal, regulatory, and contractual requirements that impact the enterprise.
- Describe the effects of the information security strategy on enterprise risk management.
- Evaluate the common frameworks and standards used to govern an information security strategy.
- Explain why metrics are critical in developing and evaluating the information security strategy.
Module 2
Information Risk Management and Compliance
- Apply risk assessment strategies to reduce the impact of information security risk.
- Assess the types of threats faced by the enterprise.
- Explain how security control baselines affect vulnerability and control deficiency analysis.
- Differentiate between the application of risk treatment types from an information security perspective.
- Describe the influence of risk and control ownership on the information security program.
- Outline the process of monitoring and reporting information security risk
Module 3
Information Security Program Development and Management
- Outline the components and resources used to build an information security program.
- Distinguish between common IS standards and frameworks available to build an information security program.
- Explain how to align IS policies, procedures, and guidelines with the needs of the enterprise.
- Describe the process of defining an IS program road map.
- Outline key IS program metrics used to track and report progress to senior management.
- Explain how to manage the IS program using controls.
- Create a strategy to enhance awareness and knowledge of the information security program.
- Describe the process of integrating the security program with IT operations and third-party providers.
- Communicate key IS program information to relevant stakeholders
Module 4
Information Security Incident Management
- Distinguish
between incident management and incident response.
- Outline the
requirements and procedures necessary to develop an incident response plan.
- Identify
techniques used to classify or categorize incidents.
- Outline the
types of roles and responsibilities required for an effective incident
management and response team.
- Distinguish
between the types of incident management tools and technologies available to an
enterprise.
- Describe
the processes and methods used to investigate, evaluate and contain an
incident.
- Identify
the types of communications and notifications used to inform key stakeholders
of incidents and tests.
- Outline the
processes and procedures used to eradicate and recover from incidents.
- Describe
the requirements and benefits of documenting events.
- Explain the
relationship between business impact, continuity, and incident response.
- Describe
the processes and outcomes related to disaster recovery.
- Explain the impact of metrics and testing when evaluating the incident response plan.
Upcoming Course Schedules & Details
For eligible company sponsored participants, please send details to training@agileasia.com for registration as the Invoice will be issued under company name. Participants may make payment using this Invoice and receipt issued for reimbursement.
| No Upcoming Schedules |
Please Note:
- Our classes are conducted at our office training venues.
Funding Eligibility
(Pending Approval)
| Singapore Citizen Aged 40 and above | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 0 % |
| Nett Fees | $ 2240.00 |
| GST | $ 179.2 |
| Nett Fees + GST | $ 2419.20 |
| Singapore Citizen Aged below 40 and All PRs | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 0 % |
| Nett Fees | $ 2240.00 |
| GST | $ 179.20 |
| Nett Fees + GST | $ 2419.20 |
| Others | |
|---|---|
| Course Fees | $ 2240.00 |
| Funding | 0 % |
| Nett Fees | $ 2240.00 |
| GST | $ 179.20 |
| Nett Fees + GST | $ 2419.00 |
Please Note:
For all courses commencing after 01st Jan 2023:
Self-Sponsored Category (in the Finance and Banking Industries)
- Singapore Citizens aged 40 years old and above – 70% Subsidy + 100% GST
- Singapore Citizens aged 40 years old and below – 50% Subsidy + 100% GST
- Singapore Permanent Residents – 50% Subsidy + 100% GST
Company-Sponsored Category (in the Finance and Banking Industries)
- Singapore Citizens aged 40 years old and above – 70% Subsidy + 100% GST
- Singapore Citizens aged 40 years old and below – 50% Subsidy + 100% GST
- Singapore Permanent Residents – 50% Subsidy + 100% GST
- HR needs to create a company account, register, and payment for the participants
For Individuals and Companies NOT in the Finance and Banking Industries
- Full payment - 100% Course Fees + 100% GST
For the latest IBF subsidy scheme, please refer to IBF website https://www.ibf.org.sg/programmes/Pages/IBF-STS.aspx
- To qualify for the funding, a trainee MUST successfully complete the course (including achieving at least 75% attendance and passing all assessments)
- NTUC Members can enjoy up to 50% funding (capped at $500 per year) under the Union Training Assistance Programme (UTAP)
There are no prerequisite requirements for taking the CISM Course or the CISM exam.
To apply for CISM certification, you must have five or more
years of professional experience in information security management, including
at least three years of practical experience in one of the areas listed below.
At the discretion of ISACA, you will be eligible to claim certain security or
information system certification degrees or credentials for up to two years of
the required five years of experience.
- Duration: 4 Hours
- Number of questions: 150
- Question format: Multiple Choice
- Passing marks: 450 out of 800
- Exam language: English
In addition to passing the examination, there are additional requirements for obtaining the certificate. These can be found at: https://www.isaca.org/credentialing/cism/get-cism-certified
The certification is valid for a period of 3 years. Certified CISM’s must complete the re-certification process every three years in order to retain the qualification.
The certification is valid for a period of 3 years.
Certified CISM’s must complete the re-certification process every three years in order to retain the qualification.
To apply for CISM certification, you must have five or more
years of professional experience in information security management, including
at least three years of practical experience in one of the areas listed below.
At the discretion of ISACA, you will be eligible to claim certain security or
information system certification degrees or credentials for up to two years of
the required five years of experience.
Click here to read about our Refund Policy and Process
Testimonials
Never have I attended such an engaging course and it makes my journey of Agile and Scrum journey much more fun and fulfilling. Trainer Stuart Mitchell has definitely take up the standard of teaching and coaching up many notches. Very insightful views from vast working experiences that Stu has. Highly recommended!
Eugene Lee
Project Manager
Dennis and team are just simply great to work with. They are prompt with their replies and clear with their instructions to ensure that learners get the best experience and learning journey with them. That's why I had chosen to go back to them for my CSPO course after taking my CSM course with them. I am looking forward to the post course gatherings and informal trainings which I heard they they organize after Covid.
Edwin Anuruddha Chow
Event Manager
The class was conducted in the best way possible (online zoom classes)! Stu is really passionate and shares many tips on facilitation. Highly recommend to anyone!
Quah Kai Li
Senior Auditor
Thanks for the CSM course, I found it a rewarding experience. The course was well set out, easy to understand, and had an amazing trainer and coach (Stuart). It wasn’t just about certification, but also gave insights to a lot of engagement techniques and real world experiences. I would highly recommend this course.
Shibil Poulose
Senior Director at VISA Singapore
The CSPO course that I took recently from Agile Asia was excellent. The instructor Mr.Sam had made us understand the responsibility of a PO very easily, with good hands-on practices and Q&A sessions after each topic. I would recommend this course for anyone, who would like to acquire Agile skills in a short period.
Renganayaki Ramasamy
Junior Product Associate
Absolutely wonderful course - The 2-day program was concise yet informative, also very engaging. Highly recommend anyone looking to do Certified Scrum Master to go with Agile Asia. The payment was also fuss-free, and if you are Singaporean, Skillsfuture credits were easily utilized
Abby Zhijun Wu
Software Engineers
Excellent course. The trainer was very interactive and provided very useful examples and facilitation techniques that are relatable in the working world. It was a good and enriching experience engaging with the trainer and other team members via the different platforms used throughout the course.
Lydiawati
Junior Product Associate
The program was concise and practical. I get to walk through the entire scrum process. Stu guided the team into role-playing for experiential learning! Much enjoyed! Word of caution: High energy and focus required throughout the course.
Terry Ng
Software Engineers
One of the best providers in the agile training space. The facilitators Stu and Sam have been there are done Scrum in large organizations and bring a wealth of knowledge. They convey concepts so well during classes that even people without a prior background can assimilate the knowledge easily.
Ajay Kumar Venkatasubramanian
Junior Product Associate
Attended CSM course by Stu Mitchell. Really enjoyed his lesson. Taught us how to be a good ScrumMaster. The techniques and case studies and engagement by the trainer, really showed the role is key in the scrum team. Definitely recommend.
Herman Shah
Software Engineers
This is an excellent training program conducted by a highly professional, knowledgeable and practicing trainer supported by a very motivated team. Stu Mitchell demonstrated in the real-life example of how to facilitate a Scrum team as a Scrum Master. His role plays often depict the real-life example
Poh Sing Low
Software Engineers
Thanks again for the course, I found it excellent and connected directly to all the challenges we talked through (especially as I am in large scale scrum delivery, plugging into multiple waterfall teams/cultures - not easy!).
S. Davidson
Executive Director, JP Morgan (October 2017)
As a course participant you will definitely learn how to implement Scrum, but more importantly, exposure to Stuart’s passion will give you both critical insights into the underlying, non obvious, issues and tools and techniques you can use to immediately increase the odds that your orgnanization’s
R. Roach
CSM Trainer (TCS)
I cleared my Scrum Master certification examination with 100% mark. I am so grateful for your efforts! Stuart is an incredible trainer. I will highly recommend you to my friends and colleagues
A. Nath
Trainer (Oracle)
I had some agile experience going into the training, and it was very helpful to learn what I do well. More importantly, I learned what I don’t do well and how to change that.
C.Popescu
Senior Scientist at Oracle
Frequently Asked Questions
Enquire Now
