Passing; CISM Study Guide

Passing; CISM Study Guide

job descriptions

Information security governance

·          Information Security Governance: Guidance for Information Security Managers

·          Accountability for Information Security Roles and Responsibilities

·          Info Security Chiefs: Communications Is Key to Mitigate Risk)

·          Code of Professional Ethics

·          The Business Model for Information Security

·          Return on Security Investment

·          Differentiating Key Terms in the Information Security Hierarchy

·          How to Measure Security From a Governance Perspective

Information security operations

·          Information Security Architecture: Gap Assessment and Prioritization)

·          Nonsense Compliance

·          Enterprise Security Architecture—A Top-down Approach

·          The Benefits of Information Security and Privacy Awareness Training Programs

·          Checking the Maturity of Security Policies for Information and Communication

·          Framework for Protecting Your Valuable IT Assets

Risk Management

·          Developing an Information Security and Risk Management Strategy

·          Risk Management Process

·          Vulnerability Assessment

·          Enterprise Risk Monitoring Methodology

·          A Risk-Based Management Approach to Third-Party Data Security, Risk and Compliance

Information Security Incident Management

·          An Introduction to Information Security Incident Management)

·          Internal Control – Key to Delivering Stakeholder Value)

·          A Business-integrated Approach to Incident Response

·          Incident Management and Response

·          Evaluating Security Incident Management Programs)

Audit and monitoring

·          Strengthening Internal Audits Influence and Impact

·          Security Monitoring as Part of the InfoSec Playbook

·          Information Security Management Audit Program)

·          Integrating KRIs and KPIs for Effective Technology Risk Management

Other ISACA Resources:

·          CISM Certification Guide

·          CISM Certification | Certified Information Security Manager | ISACA

·          CISM Planning Guide (