ISACA CERTIFIED INFORMATION SECURITY MANAGER (CISM) (SF)

Course Overview

The 5 days course is a comprehensive program designed to equip information security professionals with the skills and knowledge required to excel in managing, designing, and assessing an enterprise's information security. The course begins with an in-depth exploration of information security governance, covering the establishment and maintenance of an information security strategy aligned with organizational goals and objectives. Participants will delve into the management of information risk, understanding how to identify, assess, and respond to risks effectively.

The course also addresses information security management and governance frameworks, ensuring participants are well-versed in industry-recognized standards and practices. In addition to theoretical knowledge, practical skills in the design and management of information security will be emphasized, preparing participants for real-world challenges.

This course will prepare participants to sit for CISM Examination and they can apply within 5 years of having passed the exam to get certified. (Full details of CISM Certification Requirements can be found at https://www.isaca.org/credentialing/cism/get-cism-certified)

Course Objectives

Upon completing this course, participants will gain a comprehensive, up-to-date and in-depth knowledge of the following:

• Able to understand the Information Security Governance and create value
• Able to understand the enterprise risk management and the counter measures
• Able to understand the Information Security Program Management and evaluation
• Able to understand the Incident Management process and operation review

Pre-requisites

Below are the certification requirements, if you are taking the course just for knowledge it is not mandatory to possess the below requirements:

• 5+ years of experience in technical IT security or Cybersecurity
• Experience in information security management is mandatory
• Experience in general information security optional
• Appropriate managerial skills with knowledge of relevant tools and techniques
• Proficiency in English language equivalent to the GCE O Level is expected

*To find out more about certification, go to: https://www.isaca.org/credentialing/cism/get-cism-certified

• Hardware & Software
  • This course will be conducted as a Virtual Live Class (VLC) via Zoom platform.
  • Participants must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download. 

System Requirement

Must-have: Please ensure that your computer or laptop meets the following requirements.  Operating system: Windows 10 or MacOS (64 bit or above)  Processor/CPU: 1.8 GHz, 2-core Intel Core i3 or higher  Minimum 20 GB hard disk space  Minimum 8 GB RAM  Webcam (camera must be turned on for the duration of the class)  Microphone  Internet Connection: Wired or Wireless broadband  Latest version of Zoom software to be installed on computer or laptop prior to the class.  Good-to-have:  Wired internet connection Wired internet will provide you with stable and reliable connection.  Dual monitors Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor.  Not recommended:  Using tablets are not recommended due to their smaller screen size, which could cause eye strain and discomfort over the course of the program's duration.

Course Outline

Chapter 1 Information Security Governance

• Introduction to Information Security Governance
• Effective Information Security Governance
• Risk Management Roles and Responsibilities
• Governance of Third-Party Relationships
• Information Security Governance Metrics
• Information Security Strategy Overview
• Information Security Strategy Objectives
• Determining the Current State of Security
• Information Security Strategy Development
• Strategy Resources & Constraints
• Action Plan to Implement Strategy
• Information Security Program Objectives
• Case Study

Chapter 2 Information Risk Management

• Risk Management Overview
• Risk Management Strategy
• Effective Information Risk Management
• Information Risk Management Concepts
• Implementing Risk Management
• Risk Management and Analysis Methodologies
• Risk Assessment
• Information Asset Classification
• Operational Risk Management
• Third-party Service Providers
• Risk Management Integration with Life Cycle Processes
• Security Control Baselines
• Risk Monitoring and Communication
• Training and Awareness
• Documentation
• Case Study

Chapter 3 Information Security Program Development and Management

• Overview, Objectives and Concepts
• Scope and Charter of an Information Security Program
• The Information Security Management Framework
• Information Security Framework Components
• Defining an Information Security Program Roadmap
• Information Security Infrastructure and Architecture
• Architecture Implementation
• Security Program Management and Administrative Activities
• Security Program Services and Operational Activities
• Controls and Countermeasures
• Security Program Metrics and Monitoring
• Common Information Security Program Challenges
• Case Study

Chapter 4 Information Security Incident Management

• Incident Management Overview
• Incident Response Procedures
• Incident Management Organisation
• Incident Management Resources
• Incident Management Objectives
• Incident Management Metrics and Indicators
• Defining Incident Management Procedures
• Current State of Incident Response Capability
• Developing an Incident Response Plan
• Business Continuity and Disaster Recovery Procedures
• Testing Incident Response and Business Continuity/Disaster Recovery Plan
• Executing Response and Recovery Plans
• Post Incident Activities and Investigation
• Case Study

Certificate Obtained and Conferred by

• Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Statement of Attainment (SOA), accredited by SkillsFuture Singapore. SOA will be reflected as [code name, Audit and Compliance (ICT-SNA-4001-1.1) and Cyber Risk Management (ICT-SNA-5007-1.1 )].

• Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Certificate of Completion from NTUC LearningHub.

Additional Details

Medium of Instruction: English
Trainer to trainee ratio: 1:20
Mode of Delivery: <Virtual Live Class (VLC) via Zoom> or <Physical class>

Price

Course Fee and Government Subsidies
	Individual Sponsored		Company Sponsored
			Non-SME		SME
	Before GST	With GST	Before GST	With GST	Before GST	With GST
Full Course Fee (For Foreigners and those not eligible for subsidies)	$2,500.00	$2,725.00	$2,500.00	$2,725.00	$2,500.00	$2,725.00
For Singapore Citizens aged 39 years and below and For all Singapore Permanent Residents (The minimum age for individual sponsored trainees is 21 years)	$750.00	$817.50	$750.00	$817.50	$250.00	$317.50
For Singapore Citizens aged 40 years and above	$250.00	$317.50	$250.00	$317.50	$250.00	$317.50

Funding Eligibility Criteria

Individual Sponsored Trainee

Company Sponsored Trainee

Singapore Citizens or Singapore Permanent Residents From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses.​ Trainee must achieve at least 75% attendance. Trainee must pass all prescribed tests / assessments and attain 100% competency. NTUC LearningHub reserves the right to claw back the funded amount from trainee if he/she did not meet the eligibility criteria.

Singapore Citizens or Singapore Permanent Residents From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses.​ Trainee must achieve at least 75% attendance. Trainee must pass all prescribed tests / assessments and attain 100% competency. NTUC LearningHub reserves the right to claw back the funded amount from the employer if trainee did not meet the eligibility criteria.

Remarks

Individual Sponsored Trainee

Company Sponsored Trainee

SkillsFuture Credit:  Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding. UTAP:  This course is eligible for Union Training Assistance Programme (UTAP). NTUC members can enjoy up to 50% funding (capped at $250 per year) under UTAP. PSEA:  To check for Post-Secondary Education Account (PSEA) eligibility for this course, visit: (a) SkillsFuture (TGS-2023035612) for Virtual Learning Class (VLC) (b) SkillsFuture (TGS-2023035611) for Face-to-Face class Scroll down to “Keyword Tags” to verify for PSEA eligibility.  If there is “PSEA” under keyword tags, the course is eligible for PSEA.   And if there is no “PSEA” under keyword tags, the course is ineligible for PSEA.  Not all courses are eligible for PSEA funding.

Absentee Payroll (AP) Funding:  $4.50 per hour, capped at $100,000 per enterprise per calendar year. AP funding will be computed based on the actual number of training hours attended by the trainee. Note: Courses / Modules under Professional Conversion Programme (PCP) will not be eligible for AP funding claim.

Terms & Conditions apply. NTUC LearningHub reserves the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees.