CISM Domain-1
This domain will help you understand:
The importance of aligning security with the business
Identifying security requirements and preparing the Information Security Charter
Preparing a strategy based on the current and desired security status, and common pitfalls.
The importance of Security Evaluations, Direction and Oversight, and how to set them up.
CISM Domain-2
Understanding the emerging risk and threat landscape, and Vulnerability and Control Deficiency Analysis.
Considerations while setting up the Risk Management Function
Risk-based approach to control implementation
Continuous evaluation of the Security Risk posture.
CISM Domain-3
Understand how to develop an Information Security Program by utilizing industry standards and frameworks, Information Security policies, Standards, procedures and guidelines while creating an Information Security Program Road Map.
Ongoing Management of an information security program by focusing on design, control, implementation, integration, testing, evaluation and training, communications and reporting.
CISM Domain-4
Considerations while setting up the Incident Response and Business Continuity programs for Detection, Response and Recovery
Setting up and continually assessing incident management readiness based on Business Impact Analysis, Business Continuity, Disaster Recovery, Incident Management Training, Testing and ongoing Evaluation.
Understand and apply concepts and practices during Incident Management Operations, Common Tools and Technologies, Incident Containment Methods, Incident Eradication and Recovery, and Post-Incident Review Practices.