CISMP Fee: Contact us for current prices

CISMP Training Methodology

The  CISMP training programme is a five -day ,instructor led CISMP training course. On this in-depth CISMP training course, all CISMP students are given reading material in the form a CISMP e-book to help them prepare for the CISMP training course. This CISMP eBook forms part of the CISMP training course and is vital for home work and as well as CISMP practice exams.

The  CISMP Training Description:

Our five-day  CISMP course is accredited by ISEB/BCS to provide CISMP training for their examination. The CISMP training course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. The CISMP course  will also prepare individuals who are thinking of moving into information security or related functions.

At the end of the CISMP course, all CISMP students will be thoroughly prepared to undertake the BCS examination. This BCS examination is part of the CISMP course training package. The achieved qualification will prove that the holder has a good knowledge and basic understanding of the wide range of subject areas that make up information security management.

CISMP Course Prerequisites:

1 A minimum of 12 months experience within any IT job.

2 No technical skill or Security background is required.

The  CISMP training course Objective:

Our  five-day CISMP training course aims to provide students with the skills and knowledge required to pass the “The Certificate in Information Security Management Principles” examination by demonstrating the following:

Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)

Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;

Understanding of the current business and technical environments in which information security management has to operate;

Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Your CISMP Training Course Synopsis:

A.1. Concepts and Definitions

Information security (confidentiality, integrity, availability)

Asset and asset types (information, physical, software); asset value

Threat, vulnerability, risk, impact

Information security policy concepts

The purpose of controls

A.2. The need for, and benefits of, Information Security

Importance of information security as part of the general issue of protection of business assets and of the creation of new business models.

Different business models and their impact on security (e.g. on-line business vs. traditional manufacturing vs. financial services vs. retail).

Effect of ly changing information and business environment.

B.1. Threats to, and Vulnerabilities of information systems

Threat categorisation (accidental vs. deliberate, internal vs. external, etc)

Types of accidental threats (e.g. human error, malfunctions, fire, flood, etc)

Types of deliberate threats (e.g. hacking, malicious software, sabotage, cyber terrorism, hi-tech crime, etc)

Sources of accidental threat (e.g. internal employee, trusted partner, poor

B.2. Risk Management

Risk management process (identification, analysis, mitigation, monitoring of risks)

Options for dealing with risks (e.g. eliminate, reduce, transfer, accept)

The purpose of risk assessment/analysis – strategic and tactical options

Approaches to risk analysis/assessment – qualitative, quantitative, software tools, questionnaires.

Identifying and accounting for the value of information assets

C.1. Information Security Management

C.1.1 Organisation & responsibilities

Information security roles in an enterprise
Placement in the organisation structure
Board/Director responsibility
Responsibilities across the organisation

Need to take account of statutory (e.g. data protection, health & safety)

C.1.2 Policy, standards & procedures

C.1.3 Information Security Governance

C.1.4 Security Incident Management including Investigations and Forensics

C.1.5 Information Security Implementation

C.2. Legal Framework

C.3. Security Standards and Procedures

D.1. Protection from Malicious Software

Types of malicious software – trojans, viruses, worms, active content (e.g. Java, Active-X), etc.

Different ways systems can get infected

Methods of control – common approaches, need for regular updates, etc.

D.2.People Organisational culture of security

Employee, contractor and business partner awareness of the need for security

Role of contracts of employment

Need for and topics within service contracts and security undertakings

Rights, responsibilities and duties of individuals – codes of conduct

D.3. User Access Controls

D.4. Networks and Communications

D.5. External Services

D.6. IT Infrastructure

D.7. Testing, Audit & Review

D.8. Systems Development and Support

D.9. Role of Cryptography

D.10. Training

D.11. Physical & Environmental Security

D.12. Business Continuity Management

Get in touch now and you could be on your way to get that CISMP qualification by our next CISMP training date!

To inquire about the current prices for our   CISMP training programmes, Contact Us and we’d be in touch to provide the information you need.

Booking Your  CISMP Training

Booking your  CISMP training course is easy.

Simply Click Here to Download Our  CISMP Booking Form and fill it. Once you complete the CISMP training booking form we would be in touch immediately to discuss your specific CISMP training needs.

The CISMP exam is taken on the last day of your CISMP training course. The  CISMP qualification will prove that the holder has a good knowledge and basic understanding of the wide range of subject areas that make up information security management.