CISM 2013: Information Security Program Development and Management (Part 2)

Overview/Description
An information security framework represents the entire IS management structure. This course examines governance frameworks such as COBIT and industry standards like ISO/IEC 27001. This course also examines the components of a security framework: operational components, management components, administrative components, and education and informational components. The course then explains how an IS program road map is defined, and the elements that make up the road map. Finally, the course describes the security architectures and how they are implemented. This course prepares you for the Certified Information Security Manager (CISM) exam.

Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise's information security

Expected Duration (hours)
1.5

Lesson Objectives

CISM 2013: Information Security Program Development and Management (Part 2)

describe the function of COBIT in the information security management framework

identify the objectives of the information security management framework

describe the function of ISO/IEC 27001 in the information security management framework

recognize the components of the information security management framework

create an information security program road map

recognize what the information security architecture involves

recognize the questions an information security manager should ask when building an IS architecture

develop an information security management framework