Certified Information Security Manager (CISM)

Skip to Scheduled Dates

Course Overview

According to recent industry reports, cybercrime is expected to cost the world $10.5 trillion annually by 2025. The Certified Information Security Manager (CISM) certification equips professionals with the knowledge and skills to manage and govern an enterprise’s information security program effectively. This course provides expert-led training to help you prepare for the CISM certification exam, covering key domains like risk management, governance, and incident response.

Who Should Attend

The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification.

Course Objectives

    By the end of this course, participants will be able to:

    • Develop, implement, and manage an enterprise information security program.

    • Establish governance frameworks for information security policies and procedures.

    • Conduct risk assessments and implement risk mitigation strategies.

    • Ensure compliance with industry regulations and legal requirements.

    • Oversee security incident management and response strategies.

    • Align information security with business objectives and IT governance.

Course Outline

Domain 1: Information Security Governance

  • Enterprise Governance Overview
  • Organizational Culture, Structures, Roles and Responsibilities
  • Legal, Regulatory and Contractual Requirements
  • Information Security Strategy
  • Information Governance Frameworks and Standards
  • Strategic Planning

Domain 2: Information Security Risk Management

  • Risk and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Assessment, Evaluation and Analysis
  • Information Risk Response
  • Risk Monitoring, Reporting and Communication

Domain 3: Information Security Program

  • IS Program Development and Resources
  • IS Standards and Frameworks
  • Defining an IS Program Road Map
  • IS Program Metrics
  • IS Program Management
  • IS Awareness and Training
  • Integrating the Security Program with IT Operations
  • Program Communications, Reporting and Performance Management

Domain 4: Incident Management

  • Incident Management and Incident Response Overview
  • Incident Management and Response Plans
  • Incident Classification/Categorization
  • Incident Management Operations, Tools and Technologies
  • Incident Investigation, Evaluation, Containment and Communication
  • Incident Eradication, Recovery and Review
  • Business Impact and Continuity
  • Disaster Recovery Planning
  • Training, Testing and Evaluation

< Back to Course Search

Class Dates & Times

Class times are listed Eastern time

This is a 3-day class

Register for Class

Register When Time Where How
Register 05/28/2025 9:00AM - 5:00PM Online VILT
Register 07/01/2025 9:00AM - 5:00PM Online VILT
Register 08/06/2025 9:00AM - 5:00PM Online VILT
Register 09/08/2025 9:00AM - 5:00PM Online VILT
Register 10/15/2025 9:00AM - 5:00PM Online VILT
Register 11/17/2025 9:00AM - 5:00PM Online VILT

The classes listed are available to all United Training customers and does not reflect, in any way,
the availability or support of technology within the University of Maine System.