The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for a C-Level position, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work.
The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as a practitioner endeavours to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.
This course is best suited for professionals who aspire to attain the highest regarded title within the information security profession – Certified Chief Information Security Officer.
Prerequisites
There are no formal prerequisites to sit the course; however, there are prerequisites to be met when taking the CCISO exam.
Topics
Session 1: Definitions
Session 2: Information Security Management Program
Session 3: Information Security Laws, Regulations & Guidelines
Session 4: Privacy Laws
Domain 2: IS Management Controls and Auditing
Session 5: Design, Deploy, and Manage Security Controls in Alignment with Business Goals, Risk Tolerance, and Policies and Standards
Session 6: Information Security Risk Assessment
Session 7: Risk Treatment
Session 8: Residual Risk
Session 9: Risk Acceptance
Session 10: Risk Management Feedback Loops
Session 11: Business Goals
Session 12: Risk Tolerance
Session 13: Policies and Standards
Session 14: Understanding Security Controls Types and Objectives
Session 15: Implement Control Assurance Framework to: Define Key Performance Metrics (KPIs), Measure and Monitor Control Effectiveness, and Automate Controls
Session 16: COBIT (Control Objectives for Information and Related Technology)
Session 17: BAI06 Manage Changes
Session 18: COBIT 4.1 vs. COBIT 5
Session 19: ISO 27001/27002
Session 20: Automate Controls
Session 21: Wrap-up
Session 22: Understanding the Audit Management Process
Session 23: Conclusion
Domain 3: Management – Projects & Operations
Session 24: The Role of the CISO
Session 25: Information Security Projects
Session 26: Security Operations Management
Domain 4: Information Security Core Competencies
Session 27: Access Control
Session 28: Physical Security
Session 29: Disaster Recovery
Session 30: Network Security
Session 31: Threat and Vulnerability Management
Session 32: Application Security
Session 33: Systems Security
Session 34: Encryption
Session 35: Computer Forensics and Incident Response
Domain 5: Strategic Planning & Finance
Session 36: Alignment with Business Goals and Risk Tolerance
Session 37: Relationship between Security, Compliance, & Privacy
Session 38: Leadership
Session 39: Enterprise Information Security Architecture (EISA) Models, Frameworks and Standards
Session 40: Emerging Trends in Security
Session 41: It’s all about the Data (Stradley 2009)
Session 42: Systems Certification and Accreditation Process
Session 43: Resource Planning
Session 44: Financial Planning