
CISSM - Certified Information Systems Security Manager


Duration: 4 Days





Course Information

Course Description

Obtaining an ISACA CISM certification provides executive management with assurance that those earning the certification have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a unique and respected credential. GSAtrain’s CISM training program will assist you in becoming part of that elite network, as we’ll teach you all the knowledge and skills needed to earn the certification.

Course Objectives

Upon completion, students will:

Have an in-depth understanding of the four domains required to pass the CISM exam:

    Information Security Governance

    Information Risk Management and Compliance

    Information Security Program Development and Management

    Information Security Incident Management

Course Audience

Experienced information security managers and those who have information security management responsibilities, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.

Course Outline

Test-Taking Tips and Study Techniques

    Preparation for the CISM exam

    Submitting Required Paperwork

    Resources and Study Aids

    Passing the Exam the First Time

Information Security Governance

    Asset Identification

    Risk Assessment

    Vulnerability Assessments

    Asset Management

Information Risk Management

    Asset Classification and Ownership

    Structured Information Risk Assessment Process

    Business Impact Assessments

    Change Management

Information Security Program Development

    Information Security Strategy

    Program Alignment of Other Assurance Functions

    Development of Information Security Architectures

    Security Awareness, Training, and Education

    Communication and Maintenance of Standards, Procedures, and Other Documentation

    Change Control

    Lifecycle Activities

    Security Metrics

Information Security Program Management

    Security Program Management Overview


    Security Baselines

    Business Processes

    Security Program Infrastructure

    Lifecycle Methodologies

    Security Impact on Users


    Security Metrics

    Managing Resources

Incident Management and Response

    Response Management Overview

    Importance of Response Management

    Performing a Business Impact Analysis

    Developing Response and Recovery Plans

    The Incident Response Process

    Implementing Response and Recovery Plans

    Response Documentation

    Post-Event Reviews

Review and Q&A Session

    Final Review and Test Prep

Course Prerequisites

Five years of experience with audit, IT systems, and security of information systems; systems administration experience; familiarity with TCP/IP; and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in the Security+ Prep Course.

Course Schedule
This course is not scheduled yet.