Course description
The goal of this domain is to give an overview of what it takes in planning, development, implementation and management to meet objectives in alignment with business goals. Topics covered include: Information Security concepts, metrics, resources, constraints and a plan to implement them. This course is part of a series covering the ISACA Certified Information Security Manager (CISM).
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.
Prerequisites
none
Meet the expert
Kenneth Mayer
As a certified Microsoft Instructor, Ken has focused his career on various security aspects of computer and network technology since the early 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies globally. Through the course of his extensive career, he has taught a full line of Microsoft, CompTIA, Cisco, and other high level IT Security curricula.
Video Runtime
228 Minutes
Time to complete
288 Minutes
Course Outline
Overview and Concepts
Overview (24:07)
- Introduction (01:18)
- Overview (02:00)
- Security Governance Overview (02:54)
- Topdown Support (00:30)
- Importance of Security Governance (01:18)
- Benefits of Good Management (06:54)
- Strategic Alignment (01:26)
- Risk Management (02:45)
- Value Delivery (01:27)
- Outcomes of Governance (01:54)
- Security Integration (01:28)
- Summary (00:08)
Information Security Governance (23:42)
- Introduction (00:32)
- Information Security Governance (01:31)
- Goals and Objectives Continued (03:02)
- Roles of Senior Management (05:21)
- Business Model for Info Sec (00:46)
- Business Model for Info Sec Continued (06:04)
- Dyanmic Interconnections (03:29)
- Dynamic Interconnections Continued (02:46)
- Summary (00:08)
Information Security Concepts (19:44)
- Introduction (03:28)
- Information Security Concepts (02:58)
- More Concepts (03:25)
- Concepts and Tech Continued (03:31)
- Variety of Technologies (06:12)
- Summary (00:08)
Information Security Manager (09:28)
- Introduction (00:36)
- Information Security Manager (01:48)
- Senior Management Commitment (03:40)
- Management Alignment (00:53)
- Establish Reporting and Communication (02:20)
- Summary (00:08)
Scope and Strategy
Scope of Governance (09:39)
- Introduction (01:56)
- Scope of Governance (02:24)
- Assurance Process Integration (02:32)
- Governance and Third Parties (02:38)
- Summary (00:08)
Governance Metrics (23:13)
- Introduction (00:58)
- Governance Metrics (01:38)
- Metrics (01:44)
- Effective Security Metrics (02:53)
- Effective Metrics Continued (00:42)
- Security Implementation Metrics (05:22)
- Risk Management (03:44)
- Performance Management (06:00)
- Summary (00:08)
Information Security Strategy (36:36)
- Introduction (00:08)
- Information Security Strategy (06:41)
- Common Pitfalls (02:17)
- Objectives of Info Sec Strategy (01:36)
- What Is the Goal (06:37)
- Business Case Development (03:22)
- Business Case Objectives (05:50)
- Capability Maturity Model (03:01)
- Architecural Approaches (02:02)
- Risk Objectives (04:50)
- Summary (00:08)
State of Security (05:55)
- Introduction (00:47)
- State of Security (03:48)
- Business Impact Analysis (01:11)
- Summary (00:08)
Development, Constraints and Plan
Information Security Development (09:46)
- Introduction (00:31)
- Information Security Development (01:51)
- The Roadmap (04:29)
- Strategy Resources and Constraints (02:45)
- Summary (00:08)
Strategy Resources (40:17)
- Introduction (00:33)
- Strategy Resources (06:48)
- Enterprise Information Security Architecture (07:16)
- Personnel (07:27)
- Audits (04:04)
- Threat Assessment (04:03)
- Risk Assessment (02:21)
- Insurance (07:33)
- Summary (00:08)
Strategy Constraints (06:47)
- Introduction (00:24)
- Strategy Constraints (04:39)
- The Security Strategy (01:35)
- Summary (00:08)
Plan to Implement (19:12)
- Introduction (01:15)
- Plan to Implement (05:29)
- Policy Development (06:03)
- Action Plan Metrics (03:04)
- General Metrics (02:25)
- Objectives for CMM4 (00:46)
- Summary (00:08)