Starting in the industry, CISM international registered information security manager
CISM (Certified Information Security Manager) was launched by ISACA in 2002 and is designed specifically for senior managers responsible for leading, planning, and managing comprehensive enterprise information system security.
CISM focuses on managing information risk in business applications and solving related problems; it is not an entry-level professional certification. It is designed for information security managers and information security management professionals, to improve the overall level of enterprise information system security management and to assure senior management that holders of the CISM qualification have the knowledge and ability to provide effective security management and consulting. It is business-oriented and emphasizes the concept of information risk management when addressing management, design, and technical security issues in business applications. CISM is not aimed at information system auditors, but it is helpful to information system auditors who have information system management experience and responsibilities.
CISM is unique among international information security certifications in being designed specifically for people with rich practical experience in information security program management. Since its launch in 2002, CISM has become a globally recognized symbol of excellence in information security. Currently, over 25,000 professionals worldwide have received CISM certification, and over 200 professionals in mainland China have received certification.
CISM has held ISO 17024 accreditation from the American National Standards Institute (ANSI) for many years. It was named one of the five major information security certifications on the govinfosecurity.com website in 2012, and in 2011 it received the Hong Kong Information and Communication Technology Award for Best Professional Development (information and communication technology industry).
The CISM international registered information security manager certification mainly covers: Information Security Governance (24%), Information Risk Management and Compliance (33%), Information Security Program Development and Management (25%), and Information Security Incident Management (18%). The content and knowledge areas are detailed as follows:
Chapter 1: Information Security Governance: establishes an information security governance structure to ensure that information security policies are consistent with business objectives and comply with laws, regulations and regulatory requirements;
Overview of information security governance
Effective information security governance
Information Security Concepts and technologies
Governance and third-party relationships
Measure of Information Security Governance
Information security strategy overview
Develop information security strategies
Strategic goals of information security
Identify risk status
Information Security Strategic Development
Strategic Resources
Strategic limits
Strategic Action Plan
Implementation of security governance: example
Interim objectives of the action plan
Objectives of the information security program
Case
Chapter 2: Information Risk Management and Compliance: establishes an information security risk management system to comply with the regulatory requirements of laws and regulations;
Risk management overview
Risk management strategy
Effective information security risk management
Information security risk concept
Implement risk management
Risk assessment and analysis methods
Risk Assessment
Information resource valuation
Recovery Time Objective (RTO)
Integration with life cycle processes
Security Control baseline
Risk monitoring and communication
Training and awareness
Documentation
Chapter 3: Information Security Program Development and Management: design, development, implementation and management of information security processes, and establishment of an information security management framework;
Overview
Effective information security program development
Concept of the information security program
Scope and charter of the information security program
Information security management framework
Information security framework components
Define the information security program roadmap
Information security infrastructure and architecture
Architecture implementation
Security program management and administrative activities
Security program services and operations
Controls and countermeasures
Measure and monitor the security program
Common information security program challenges
Chapter 4: Information Security Incident Management: establishes information security incident management processes to respond to emergencies and recover from them;
Incident management overview
Incident response steps
Incident management organization
Incident management resources
Incident management objectives
Incident management metrics and indicators
Define incident management steps
Current state of incident response capability
Develop incident response plans
Business continuity and disaster recovery steps
Test incident response and business continuity/disaster recovery plans
Execute response and recovery plans
Post-incident activities and investigation
Shanghai Huizhe Information Technology Co., Ltd. ("Huizhe" or "spisec") is headquartered in Shanghai and Beijing. It has been committed for many years to training and practical research in IT governance, information security, IT audit, IT risk management, business continuity, IT service management, and project management. Its aim has always been to cultivate Chinese information security talent and to bring Chinese information security professionals together to learn and exchange information. As a leading professional training service organization, Huizhe has been committed to promoting information security theory and practice, providing trainees with the service of "learning international knowledge, broadening their career paths, integrating into professional communities, and continuously improving their abilities."
Since 2014, based on the needs of many CISM candidates in mainland China and years of high-end training experience, Huizhe has offered many internal and public CISM training courses in the industry. Participants come from finance, operator, manufacturing, energy, power, and other industries. During the 4-day CISM training, many CIOs, enterprise IT managers, enterprise risk management personnel, and enterprise security management personnel bring together the problems faced by enterprise information security and the difficulties faced by information security managers, and discuss and jointly improve the skills and knowledge that information security managers require. At the same time, the CISM international registered information security manager Chinese training handouts and Chinese teaching materials are released exclusively in the industry to fully support the training, to help students learn more, and to guide and support their careers as information security managers.
This article is from the "spisechr" blog. For more information, contact the author!