back

Certified Information Security Manager (CISM)

13 H 49 M

Just you? Training a whole team? There's an ITProTV plan that fits.

Start Training Today
Episodes
Episodes
  • Information Security Governance
    • Course Overview
    • Enterprise Governance
    • Organizational Culture
    • Legal Regulatory & Contractual Requirements
    • Organizational Structures Roles & Responsibilities
    • Information Security Strategy Development
    • Information Governance Frameworks & Standards
    • Strategic Planning
    • Information Security Governance - Key Points
  • Information Security Risk Management
    • Information Security Risk Assessment
    • Emerging Risk & Threat Landscape
    • Vulnerability & Control Deficiency Analysis
    • Risk Assessment & Analysis - Background
    • Risk Assessment & Analysis - Scenarios
    • Risk Assessment & Analysis - Process
    • Risk Assessment & Analysis - Methodologies
    • Risk Assessment & Analysis - Analysis
    • Risk Treatment & Risk Response Options
    • Risk & Control Ownership
    • Risk Monitoring & Reporting
    • Information Security Risk Management - Key Points
  • Information Security Program
    • Information Security Program Overview
    • Information Security Program Resources
    • Information Asset Identification & Classification
    • Standards & Frameworks for Information Security
    • Information Security Policies Procedures & Guidelines
    • Information Security Program Metrics
    • Information Security Control Design & Selection
    • Control Implementation Integration Testing & Evaluation
    • Information Security Awareness & Training
    • Integration with IT Operations - SDLC & DevOps
    • Integration with IT Operations - ITSM
    • Integration with IT Operations - Cloud
    • Management of External Services
    • Information Security Program Communications & Reporting
    • Information Security Program - Key Points
  • Incident Management
    • Incident Management Readiness
    • Incident Response Plan
    • Business Impact Analysis (BIA)
    • Spotlight on BIA Derived Objectives
    • Business Continuity Plan (BCP)
    • Disaster Recovery Plan (DRP)
    • Incident Classification & Categorization
    • Incident Management Training Testing & Evaluation
    • Incident Management Tools & Techniques
    • Evaluation Containment Communication & Recovery
    • Post-incident Review Practices
    • Incident Management - Key Points

Course Overview

5 M

itprotv course thumbnailitprotv course thumbnailitprotv course thumbnail
  • Episode Description
  • Transcript

line:-1 <v.Male.spk1 Speaker1>>> You're watching it. line:-1 <v.Male.spk2 Speaker2>>> Hello, everybody. My name is Adam Gordon entertainer here at line:-1 <v.Male.spk2 Speaker2>ITProTV Inc. And I'm going to be a success guide for your line:-1 <v.Male.spk2 Speaker2>sock, a C I S M certified information security manager line:-1 <v.Male.spk2 Speaker2>journey of 30 spending time with you in artsakh the Sea Ice line:-1 <v.Male.spk2 Speaker2>course. Let's take a look at what's going to be involved line:-1 <v.Male.spk2 Speaker2>with actually taking csm exam as you get ready to go through line:-1 <v.Male.spk2 Speaker2>the course. Hopefully the end goal for you. So we're going to line:-1 <v.Male.spk2 Speaker2>take and pass the sea ice and examination. It is offered by line:-1 <v.Male.spk2 Speaker2>U.S., aka, this is the website and capture from it. Show you line:-1 <v.Male.spk2 Speaker2>the credential, but also encouraging you to check out line:-1 <v.Male.spk2 Speaker2>the website to get the most up-to-date information on the line:-1 <v.Male.spk2 Speaker2>requirements to become a sea ice or indeed any sock a line:-1 <v.Male.spk2 Speaker2>certified professional and reminding you that if you're line:-1 <v.Male.spk2 Speaker2>already a member of the U.S. AKA, Certified Professional line:-1 <v.Male.spk2 Speaker2>community, perhaps you hold the different certification, line:-1 <v.Male.spk2 Speaker2>see, I say, see, receive the PSC whatever it may be. You're line:-1 <v.Male.spk2 Speaker2>adding on. Remember, you have to focus on not only your line:-1 <v.Male.spk2 Speaker2>membership requirements for your dues are up to date. line:-1 <v.Male.spk2 Speaker2>And of course, make sure you're focusing on your CP ease. line:-1 <v.Male.spk2 Speaker2>But in addition, the code of ethics in the requirements line:-1 <v.Male.spk2 Speaker2>around that still apply for any and all additional exemption line:-1 <v.Male.spk2 Speaker2>take. We'll talk about that as part of our conversations in line:-1 <v.Male.spk2 Speaker2>the course. Speaking of the course, let's take a look at line:-1 <v.Male.spk2 Speaker2>what the 4 domains and make up the CIA. Some knowledge base line:-1 <v.Male.spk2 Speaker2>aren't will be exploring each one in depth as we continue and line:-1 <v.Male.spk2 Speaker2>go out through our journey across the knowledge base. line:-1 <v.Male.spk2 Speaker2>We're going to begin by talking about information. Security line:-1 <v.Male.spk2 Speaker2>governance is take a look at right down here. Information, line:-1 <v.Male.spk2 Speaker2>security governance in domain. One will be focusing on things line:-1 <v.Male.spk2 Speaker2>like the role of enterprise governance. Why it is line:-1 <v.Male.spk2 Speaker2>important. What is and what our the role of grc governance risk line:-1 <v.Male.spk2 Speaker2>management and compliance all up. We'll focus on the G see line:-1 <v.Male.spk2 Speaker2>government compliance and main one risk management is going to line:-1 <v.Male.spk2 Speaker2>come into play as we take a look at information, security line:-1 <v.Male.spk2 Speaker2>risk management in don't mean to. But we focused on concepts line:-1 <v.Male.spk2 Speaker2>like that, the role of culture and of course, the role of line:-1 <v.Male.spk2 Speaker2>ethics and why those things are important as well. So a lot of line:-1 <v.Male.spk2 Speaker2>interest in concepts in discussions will have domain to line:-1 <v.Male.spk2 Speaker2>information security risk management. That's going to be line:-1 <v.Male.spk2 Speaker2>a focus in-depth on taking apart risk, understanding it line:-1 <v.Male.spk2 Speaker2>what its risk management, one of the components that make up line:-1 <v.Male.spk2 Speaker2>with with then a fire escape to analyze and assess risk. line:-1 <v.Male.spk2 Speaker2>We have to document risk and then we have to understand how line:-1 <v.Male.spk2 Speaker2>to treat wrist typically through some sort of control or line:-1 <v.Male.spk2 Speaker2>countermeasure that may be applied, perhaps proactively line:-1 <v.Male.spk2 Speaker2>applying safeguards as opposed to reactive Leah planning line:-1 <v.Male.spk2 Speaker2>countermeasures. Whatever the case, maybe we'll take a look line:-1 <v.Male.spk2 Speaker2>at him to find all the component parts that go into line:-1 <v.Male.spk2 Speaker2>that conversation, including an extended discussion about every line:-1 <v.Male.spk2 Speaker2>aspect of how we address risk and how we can standardize that line:-1 <v.Male.spk2 Speaker2>operational thought process in the organization aligning it line:-1 <v.Male.spk2 Speaker2>with our information security governance as part of a broader line:-1 <v.Male.spk2 Speaker2>discussion leads a sports enterprise security line:-1 <v.Male.spk2 Speaker2>architecture and emergence in domain 3 with our information line:-1 <v.Male.spk2 Speaker2>security program in Domain. 3 will focus on the ISP the line:-1 <v.Male.spk2 Speaker2>information security program. What it is, line:-1 <v.Male.spk2 Speaker2>why it's important. What are the component parts? What role line:-1 <v.Male.spk2 Speaker2>does audit play? What kind of reporting do we need to line:-1 <v.Male.spk2 Speaker2>differentiate and define success for says failure? line:-1 <v.Male.spk2 Speaker2>What is and why our metrics important? What is the role line:-1 <v.Male.spk2 Speaker2>they play? One of the metrics we chase life and the mattress line:-1 <v.Male.spk2 Speaker2>conversation ongoing throughout all the domains focusing on line:-1 <v.Male.spk2 Speaker2>areas like measuring through KP eyes. Key performance line:-1 <v.Male.spk2 Speaker2>indicators KR High's key risk indicators and KG eyes. Key line:-1 <v.Male.spk2 Speaker2>goal indicators will define different. She all of those. line:-1 <v.Male.spk2 Speaker2>And then finally will wrap up an incident management in line:-1 <v.Male.spk2 Speaker2>domain for him. We'll be taking a look at what are the roles. line:-1 <v.Male.spk2 Speaker2>What are the process ease? And one of the important line:-1 <v.Male.spk2 Speaker2>aspects of incident management that an information security line:-1 <v.Male.spk2 Speaker2>manager, a C I S certified information security manager line:-1 <v.Male.spk2 Speaker2>needs to be aware of, needs to play a part in through line:-1 <v.Male.spk2 Speaker2>facilitation and partnering and needs to make sure is line:-1 <v.Male.spk2 Speaker2>happening. Will also wrap all of this conversation with line:-1 <v.Male.spk2 Speaker2>overarching concepts, things like the role of a RAF Sea or line:-1 <v.Male.spk2 Speaker2>receive depending on how you choose pronounce it short, line:-1 <v.Male.spk2 Speaker2>be a deal of responsibility, accountability, consulting and line:-1 <v.Male.spk2 Speaker2>informed in terms of roles. How distinguished between what line:-1 <v.Male.spk2 Speaker2>is that fine line and the differentiator between line:-1 <v.Male.spk2 Speaker2>responsibility and accountability? It will be an line:-1 <v.Male.spk2 Speaker2>ongoing theme, one, which we're going to spend a lot of time line:-1 <v.Male.spk2 Speaker2>developing and used to drive many of our conversations all line:-1 <v.Male.spk2 Speaker2>up a very interesting opportunity for you, especially line:-1 <v.Male.spk2 Speaker2>if you're not currently thinking along the lines of the line:-1 <v.Male.spk2 Speaker2>C I a son and the notion represents in your line:-1 <v.Male.spk2 Speaker2>organization, you're looking to move up professionally in your line:-1 <v.Male.spk2 Speaker2>career or perhaps you've heard a lot about a sock and the csm line:-1 <v.Male.spk2 Speaker2>exams. line:-1 <v.Male.spk2 Speaker2>But you know what? The Sevier really good next step for me in line:-1 <v.Male.spk2 Speaker2>my career. There's a lot for us to do. Very excited to be your line:-1 <v.Male.spk2 Speaker2>success. Coach and success guide on that journey of for line:-1 <v.Male.spk2 Speaker2>spending the time with you. We have to do 2 things to get line:-1 <v.Male.spk2 Speaker2>you ready. We've to wrap up our conversations here and get you line:-1 <v.Male.spk2 Speaker2>into and begin your journey in domain. One with us as we start line:-1 <v.Male.spk2 Speaker2>to look at information, security, governance and all line:-1 <v.Male.spk2 Speaker2>the things that go into that you will see one of the other line:-1 <v.Male.spk2 Speaker2>entertainers here from ITProTV pop in for a few of our line:-1 <v.Male.spk2 Speaker2>conversations, Chris Ward will be joining me in case you're line:-1 <v.Male.spk2 Speaker2>familiar with him. You'll see him sporadically beginning of line:-1 <v.Male.spk2 Speaker2>the course. But the majority, of course, will be UN. I line:-1 <v.Male.spk2 Speaker2>spending time together crafting all the information necessary line:-1 <v.Male.spk2 Speaker2>and building the path to create success for you. As you take a line:-1 <v.Male.spk2 Speaker2>Pastor, Sea ICE exam up, Warren ready for the challenge. line:-1 <v.Male.spk2 Speaker2>I hope you are as well and wish you good luck as we wrap up our line:-1 <v.Male.spk2 Speaker2>conversation through the overview and look forward to line:-1 <v.Male.spk2 Speaker2>seeing you as you make your journey through the course line:-1 <v.Male.spk2 Speaker2>until then take care and I'll see you soon. line:-1 <v.Male.spk1 Speaker1>>> Thank you for watching ITProTV.