Learning Heights Tanzania

Certified Information Security Manager (CISM)

Validate your expertise in information security governance, program development, and management.

Course Overview

The Certified Information Security Manager (CISM) certification, offered by ISACA, is designed for experienced information security managers and professionals who manage, design, oversee, and assess an enterprise's information security. This globally recognized certification demonstrates your expertise in information security governance, risk management, program development and management, and incident management. This course provides comprehensive preparation for the CISM exam.


Learning Outcomes

Upon successful completion of this course, you will gain the knowledge to:

  • Establish and maintain an information security governance framework and supporting processes aligned with business goals.
  • Manage information risk to an acceptable level based on risk appetite to meet organizational objectives.
  • Develop, implement, and manage an information security program to protect the organization's assets.
  • Plan, establish, and manage the capability to detect, investigate, respond to, and recover from information security incidents to minimize business impact.
  • Understand the specific task and knowledge statements for the four CISM certification domains.
  • Effectively prepare for the CISM examination through focused content review and practice.

Comprehensive Syllabus

  • Enterprise Governance and Information Security Governance Principles
  • Developing an Information Security Strategy aligned with Business Goals
  • Establishing Information Governance Frameworks (Policies, Standards, Procedures)
  • Legal, Regulatory, Compliance, and Contractual Requirements
  • Organizational Structure, Roles, and Responsibilities for Information Security
  • Information Security Metrics and Reporting (KPIs, KRIs)
  • Information Risk Management Concepts (Threats, Vulnerabilities, Impact)
  • Implementing Risk Management Processes
  • Information Asset Classification and Ownership
  • Information Risk Assessment Methodologies
  • Risk Treatment Options (Avoid, Mitigate, Transfer, Accept)
  • Risk Monitoring, Reporting, and Communication
  • Information Security Program Objectives and Alignment with Business
  • Developing an Information Security Architecture
  • Defining and Managing Information Security Program Resources (Budget, Personnel)
  • Implementing and Managing Security Controls and Countermeasures
  • Integrating Security Requirements into Business Processes (SDLC, Change Control)
  • Security Awareness, Training, and Education Programs
  • Managing Third-Party Security
  • Incident Management and Response Plans and Procedures
  • Establishing Incident Response Teams (IRT/CSIRT)
  • Incident Detection, Classification, and Analysis Techniques
  • Incident Containment, Eradication, and Recovery Strategies
  • Business Continuity and Disaster Recovery Planning Integration
  • Post-Incident Activities (Lessons Learned, Reporting)
  • Incident Management Tools and Technologies

Certification Exam

This course prepares you for the official Certified Information Security Manager (CISM) exam administered by ISACA.

  • Exam Format: Multiple choice questions
  • Number of Questions: 150 questions
  • Pass Mark: Scaled score of 450 or higher (on a scale of 200-800)
  • Duration: 4 hours (240 minutes)
  • Exam Type: Proctored exam (typically computer-based)
  • Experience Requirement: Note that achieving CISM certification requires passing the exam AND verifying 5 years of relevant work experience in information security management across the CISM domains (waivers available). Refer to ISACA for details.

Quick Course Info


Target Audience: Experienced InfoSec Managers, IT Managers/Directors, Security Consultants, Auditors, Aspiring CISOs.

Prerequisites: The course itself has no formal prerequisites, but CISM certification requires 5 years of verified information security work experience across the CISM domains (see ISACA for details and waivers).

Duration: Typically 4-5 Days (Adjust as needed)

Format: In-Person (Dar es Salaam) & Online Live options available.

Certification: Certified Information Security Manager (CISM) by ISACA


What's Included

Accredited courseware, CISM Review Manual (digital/physical - specify), CISM Review Questions Database access (specify if included), practice exams, official exam voucher (specify if included).
