SC221: ISACA™ CISM Human Factors Edition

Agenda:

• Domain 1 - Information Security Governance
  • Enterprise Governance Overview
  • Corporate Culture, Structures, Roles and Responsibilities
  • Legal, Regulatory and Contractual Requirements
  • Information Security Strategy
  • Information Governance Frameworks and Standards
  • Strategic Planning

• Domain 2 — Information Security Risk Management
  • Risk and Threat Landscape
  • Vulnerability and Control Gap Analysis
  • Risk Assessment, Evaluation and Analysis
  • Information Risk Response
  • Risk Monitoring, Reporting and Communication

• Domain 3 — Information Security Program Development and Management
  • IS Program Development and Resources
  • Information Security Standards and Frameworks
  • IS Program Roadmap Definition
  • IS Program Metrics
  • IS Program Management
  • IS Awareness and Training
  • Security Program Integration into IT Operations
  • Program Communication, Reporting and Performance Management

• Domain 4 — Information Security Incident Management
  • Incident Management and Incident Response Overview
  • Incident Management and Incident Response Plans
  • Incident Classification/Categorization
  • Incident Management Operations, Tools and Technologies
  • Incident Investigation, Assessment, Containment and Communication
  • Incident Eradication, Recovery and Review
  • Business Impact and Continuity
  • Disaster Recovery Planning (DRP)
  • Training, Testing and Assessment

• Human Factors
  • Human Factors Fundamentals
  • Cognitive Bias & Decision Traps
  • Communication & Leadership Role in Exception Situations
  • Culture & Personal

Objectives:

• Intensive preparation for ISACA™ CISM certification
• as well as beyond:
  • Understanding of human behavior in exception situations
  • Insight into psychological aspects, recognize social dynamics as part of the solution portfolio
  • Sovereignty in exception state: Clear decision models to enable leadership also under pressure
  • Reduce complexity: identify and counter typical behavior patterns, stress factors & role conflicts
  • Influence over communication streams, decision cascades and operational climate

Beyond that, the course forms an excellent foundation for further advanced courses, e.g.:

• SC510 Cyber Security Emergency Training for CISOs and Security Professionals
• SC520 Human Factors in Cyber Security

Target audience:

The workshop is targeted at information security experts who have acquired solid professional experience through comprehensive activity in the field of information security and must confidently master particularly challenging scenarios. Professionals with five or more years of professional experience in the active implementation of enterprise information security will feel addressed by the opportunity for this certification.

The job titles include:

• CISO
• CSO
• IR/SOC-Leads
• Project Manager
• BCM Manager
• IS Risk Manager

Prerequisites:

To obtain CISM certification, the following requirements must be met:

• Successful completion of the CISM exam
• Adherence to the ISACA™ Code of Professional Ethics
• Proof of at least five years of professional experience in the field of information security
• Evidence of ongoing professional education (Continuing Professional Education (CPE) Policy)

Description:

The workshop SC221 ISACA™ CISM Human Factors Edition targets IT professionals with technical expertise and experience in IS/IT security and control areas, who must confidently master particularly challenging scenarios. The CISM certification validates your qualification regarding planning, implementation as well as management and monitoring of information security frameworks and enjoys high global recognition.

This workshop intensively prepares you for the content and process of the ISACA™ CISM (Certified Information Security Manager) examination. The fee-based examination consists of 150 questions that must be completed within four hours. The examination can be conducted online or at one of the authorized PSI test centers.

Beyond the formal certification content, methods and tools are provided that strengthen personal capabilities for daily operations and particularly for exception situations. Competencies such as structured communication, common operational picture, decision-making are conveyed.

Course language: Optional German or English
Course materials: English
Examination language: English

Ralf Kleinfeld (Board member of CISO Alliance e.V.):

"From the experiences of our members we know that the soft skills such as communication, personal resilience and leadership strength in crisis situations are success factors for modern CISOs and adjacent professions. qSkills™ adopts our impulse and the professional profile of the CISO Alliance and offers practical training for this."

Other Info:

The official ISACA™ course materials are provided in digital format. Please bring either a laptop or a tablet to the training.

Internet access for your device is provided free of charge at our training center.