Brainmatics

CISM (Certified Information Security Manager) Exam Preparation

DESCRIPTION

The CISM (Certified Information Security Manager) Exam Preparation training is developed specifically for experienced information security managers and for those who hold information security management responsibilities.

The trainers who teach this course are CISM-certified and will give participants the knowledge and skills needed to prepare for the globally recognized CISM certification exam. The CISM certification combines passing a comprehensive exam with recognition of work, management and educational experience. This training also covers material spanning four domains:
Domain 1 – Information Security Governance
Domain 2 – Information Risk Management and Compliance
Domain 3 – Information Security Program Development and Management
Domain 4 – Information Security Incident Management

These four domains form the “Body of Knowledge” for exam preparation and also give participants the knowledge to build the technical skills to manage, design, oversee and assess an enterprise's information security.

CONTENT

1. Information Security Governance

    1.1. Information Security Governance Overview
    1.2. Effective Information Security Governance
    1.3. Governance and Third-party Relationship
    1.4. Information Security Governance Metrics
    1.5. Information Security Strategy Overview
    1.6. Developing an Information Security Strategy
    1.7. Information Security Strategy Objectives
    1.8. Determining Current State of Security
    1.9. Information Security Strategy Development
    1.10. Strategy Resources
    1.11. Strategy Constraints
    1.12. Action Plan to Implement Strategy
    1.13. Implementing Security Governance – Example
    1.14. Action Plan Intermediate Goals
    1.15. Information Security Program Objectives
    1.16. Case Study

2. Information Risk Management and Compliance

    2.1. Risk Management Overview
    2.2. Risk Management Strategy
    2.3. Effective Information Risk Management
    2.4. Information Risk Management Concepts
    2.5. Implementing Risk Management
    2.6. Risk Assessment and Analysis Methodologies
    2.7. Risk Assessment
    2.8. Information Resource Valuation
    2.9. Recovery Time Objectives
    2.10. Integration With Life Cycle Processes
    2.11. Security Control Baselines
    2.12. Risk Monitoring and Communication
    2.13. Training and Awareness
    2.14. Documentation

3. Information Security Program Development and Management

    3.1. Information Security Program Management Overview
    3.2. Information Security Program Objective
    3.3. Information Security Program Concepts
    3.4. Scope and Character of an Information Security Program
    3.5. The Information Security Management Framework
    3.6. Information Security Framework Components
    3.7. Defining an Information Security Program Road Map
    3.8. Information Security Infrastructure and Architecture
    3.9. Architecture Implementation
    3.10. Security Program Management and Administration Activities
    3.11. Security Program Services and Operational Activities
    3.12. Controls and Countermeasures
    3.13. Security Program Metrics and Monitoring
    3.14. Common Information Security Program Challenges

4. Information Security Incident Management

    4.1. Incident Management Overview
    4.2. Incident Response Procedures
    4.3. Incident Management Organization
    4.4. Incident Management Resources
    4.5. Incident Management Objectives
    4.6. Incident Management Metrics and Indicators
    4.7. Defining Incident Management Procedures
    4.8. Current State of Incident Response Capability
    4.9. Developing an Incident Response Plan
    4.10. Business Continuity and Disaster Recovery Procedures
    4.11. Testing Incident Response and Business Continuity/Disaster Recovery Plans
    4.12. Executing Response and Recovery Plans
    4.13. Post Incident Activities and Investigation

TARGET AUDIENCE

  1. IT Professionals
  2. Finance Professionals
  3. Internal/External Auditors

 

INSTRUCTOR

Ahmad Reza Aminy. Completed a master's degree in Computer Science at Universitas Indonesia in 2001. Certified in CISA, CISM, CRISC, CGEIT, ITILF, ISFS and CCE. Has approximately 10 years of experience as an Information Systems Auditor and IS Consultant. Has expertise and interest in IT Audit, IT Risk Management, IT Governance, IT Strategy, IT Infrastructure Library and Risk Management.