Course Information
Registration period
Year-round Recruitment
Price
-
Course Level
Study Mode
Duration
18 Hour(s)
Language
Cantonese
Location
九龍旺角亞皆老街 109 號皆旺商業大廈 18 樓 1802 - 1807 室
18 views
Course Overview
ISACA® 成立於 1969 年,多年來不斷參與各項系統確認性與安全、企業資訊治理及資訊風險的活動,口碑載譽。
ISACA® 會員遍佈逾 180 個國家,總數超過 140,000 人。其頒授的全球認可的國際資訊安全經理人 (CISM® - Certified Information Security Manager®) 資格,更是各位資訊管理人員必考的證書。
CISM 認證是為信息安全經理和處理信息安全管理職責的專業人員而設計。擁有 CISM 認證標誌著該專業人員具備信息風險管理,同時在管理和設計資訊安全計劃上具備認可的專業知識。
What You’ll Learn
課程名稱:CISM 國際認可證書課程
- 簡稱:CISM Training Course
1 Information Security Governance
1.1 Enterprise Governance
1.1.1 Organizational Culture
1.1.2 Legal, Regulatory, and Contractual Requirements
1.1.3 Organizational Structures, Roles, and Responsibilities
1.2 Information Security Strategy
1.2.1 Information Security Strategy Development
1.2.2 Information Governance Frameworks and Standards
1.2.3 Strategic Planning (e.g., budgets, resources, business case).
2 Information Security Risk Management
2.1 Information Security Risk Assessment
2.1.1 Emerging Risk and Threat Landscape
2.1.2 Vulnerability and Control Deficiency Analysis
2.1.3 Risk Assessment and Analysis
2.2 Information Security Risk Response
2.2.1 Risk Treatment / Risk Response Options
2.2.2 Risk and Control Ownership
2.2.3 Risk Monitoring and Reporting
3 Information Security Program
3.1 Information Security Program Development
3.1.1 Information Security Program Resources (e.g., people, tools, technologies)
3.1.2 Information Asset Identification and Classification
3.1.3 Industry Standards and Frameworks for Information Security
3.1.4 Information Security Policies, Procedures, and Guidelines
3.1.5 Information Security Program Metrics
3.2 Information Security Program Management
3.2.1 Information Security Control Design and Selection
3.2.2 Information Security Control Implementation and Integrations
3.2.3 Information Security Control Testing and Evaluation
3.2.4 Information Security Awareness and Training
3.2.5 Management of External Services (e.g., providers, suppliers, third parties, fourth parties)
3.2.6 Information Security Program Communications and Reporting
4 Incident Management
4.1 Incident Management Readiness
4.1.1 Incident Response Plan
4.1.2 Business Impact Analysis (BIA)
4.1.3 Business Continuity Plan (BCP)
4.1.4 Disaster Recovery Plan (DRP)
4.1.5 Incident Classification/Categorization
4.1.6 Incident Management Training, Testing, and Evaluation
4.2 Incident Management Operations
4.2.1 Incident Management Tools and Techniques
4.2.2 Incident Investigation and Evaluation
4.2.3 Incident Containment Methods
4.2.4 Incident Response Communications (e.g., reporting, notification, escalation)
4.2.5 Incident Eradication and Recovery
4.2.6 Post-incident Review Practices
The course content above may change at any time without notice in order to better reflect the contents of examination.
