ISACA CISM

Course Introduction

In today’s enterprise environments, information security requires more than technical defenses—it demands strong governance, risk management, and alignment with business strategy. This course prepares you for the Certified Information Security Manager (CISM) certification from ISACA, validating your ability to design, manage, and oversee enterprise information security programs that support organizational objectives.

You’ll begin with Information Security Governance, where you’ll learn how to establish and maintain an effective security governance framework. This includes aligning security strategies with business goals, defining roles and responsibilities, developing policies, and ensuring that information security initiatives support overall organizational direction.

Next, in Information Risk Management, you’ll focus on identifying, assessing, and managing information security risks across the enterprise. You’ll learn how to conduct risk assessments, prioritize mitigation strategies, and integrate risk management practices into broader organizational processes to ensure informed decision-making.

The Information Security Program Development and Management module explores how to design, implement, and manage a comprehensive information security program. You’ll learn how to allocate resources, implement security controls, measure program effectiveness, and continuously improve security operations while maintaining alignment with business needs.

Finally, in Incident Management, you’ll develop the skills needed to plan for, detect, respond to, and recover from security incidents. This includes building incident response capabilities, coordinating response efforts, minimizing business impact, and ensuring lessons learned are incorporated into future security improvements.

By the end of this course, you’ll be prepared to lead and manage enterprise information security initiatives—demonstrating the strategic, governance, and risk management expertise required to confidently earn your CISM certification and operate as a senior information security manager.

Course Pricing

$999.99 USD

LIFETIME ACCESS

WHATS INCLUDED

6+ Hours Premium On-Demand Video

Premium On-Demand Video Lessons

Lab Summaries with Guided Steps

Purchase ($999.99)

Course Curriculum

Example Curriculum

  Domain 1

Available in days

days after you enroll

• Information Security Governance Intro (21:15) Start
• Information Security Governance Overview (19:31) Start
• Effective Information Security Governance (30:12) Start
• Governance and Third-party Relationships (1:44) Start
• Information Security Governance Metrics (41:21) Start
• Information Security Strategy Overview (6:23) Start
• Common Pitfalls (2:54) Start
• Information Security Strategy Objectives (37:50) Start
• Determining Current State of Security (8:17) Start
• Information Security Strategy Development (16:06) Start
• Strategy Resources (40:17) Start
• Strategy Constraints (28:08) Start
• Action Plan to Implement Strategy (30:25) Start
• Implementing Security Governance Example (6:38) Start
• Action Plan Intermediate Goals (3:30) Start
• Information Security Program Objectives (3:42) Start
• Domain 1 Practice Questions (14:52) Start

  Domain 2

Available in days

days after you enroll

• Domain 2 Exam Relevance (9:48) Start
• Risk Management Overview (16:30) Start
• Risk Management Strategy (0:49) Start
• Effective Information Security Risk Management (4:31) Start
• Information Security Risk Management Concepts (20:11) Start
• Implementing Risk Management (15:14) Start
• Recovery Time Objectives (15:14) Start
• Risk Assessment (44:53) Start
• Information Resource Valuation Methodologies (8:00) Start
• Integration with Life Cycle Processes (3:14) Start
• Security Control Baselines (1:58) Start
• Reporting Significant Changes in Risk (2:11) Start
• Training and Awareness (1:25) Start
• Documentation (5:44) Start
• Domain 2 Practice Questions (12:59) Start

  Domain 3

Available in days

days after you enroll

• Domain 3 Exam Relevance (6:04) Start
• Information Security Program Management Overview (6:04) Start
• Information Security Program Objectives (2:09) Start
• Information Security Program Concepts (17:35) Start
• Scope and Charter of an Information Security Program (2:28) Start
• The Information Security Management Framework (6:34) Start
• Defining an Information Security Program Road Map (8:18) Start
• Operational Components (6:13) Start
• Information Infrastructure and Architecturre (5:23) Start
• Architecture Implementation (2:21) Start
• Personnel, Roles and Responsibilities and Skills (37:57) Start
• Information Security Liaison Responsibilities (5:50) Start
• Controls and Countermeasures (18:20) Start
• Security Program Metrics and Monitoring (4:19) Start
• Common Information Security Program Challenges (2:58) Start
• Domain 3 Practice Questions (15:16) Start

  Domain 4

Available in days

days after you enroll

• Domain 4 Exam Relevance (15:11) Start
• Incident Management Overview (4:02) Start
• Incident Response Procedures (15:41) Start
• Incident Management Organization (9:56) Start
• Incident Management Resources (23:04) Start
• Defining Objectives (6:57) Start
• Performance Measurement (3:08) Start
• Defining Incident Management Procedures (8:42) Start
• Current State of Incident Response Capability (3:32) Start
• Developing an Incident Response Plan (18:28) Start
• Business Continuity and Disaster Recovery Plans (33:05) Start
• Ensuring Execution as required (2:39) Start
• Postincident Activities and Investigation (5:35) Start
• Domain 4 Practice Questions (12:58) Start

Show All Lectures