
Certified Information Security Manager CISM, Part 1 of 4: Governance

with expert Kenneth Mayer




Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/12/2018
Level Intermediate
Runtime 3h 48m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included





Course description

The goal of this domain is to give an overview of the planning, development, implementation and management needed to meet objectives in alignment with business goals. Topics covered include information security concepts, metrics, resources, constraints, and a plan to implement them. This course is part of a series covering the ISACA Certified Information Security Manager (CISM).

Prerequisites

None

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Security Manager

Meet the expert

As a certified Microsoft Instructor, Ken has focused his career on various security aspects of computer and network technology since the early 1980s. He has delivered a wide variety of IT training and high-level consulting projects for Fortune 500 companies globally. Over the course of his extensive career, he has taught a full line of Microsoft, CompTIA, Cisco, and other high-level IT security curricula.

Course outline



Overview and Concepts

Overview (24:07)
  • Introduction (01:18)
  • Overview (02:00)
  • Security Governance Overview (02:54)
  • Top-Down Support (00:30)
  • Importance of Security Governance (01:18)
  • Benefits of Good Management (06:54)
  • Strategic Alignment (01:26)
  • Risk Management (02:45)
  • Value Delivery (01:27)
  • Outcomes of Governance (01:54)
  • Security Integration (01:28)
  • Summary (00:08)
Information Security Governance (23:42)
  • Introduction (00:32)
  • Information Security Governance (01:31)
  • Goals and Objectives Continued (03:02)
  • Roles of Senior Management (05:21)
  • Business Model for Info Sec (00:46)
  • Business Model for Info Sec Continued (06:04)
  • Dynamic Interconnections (03:29)
  • Dynamic Interconnections Continued (02:46)
  • Summary (00:08)
Information Security Concepts (19:44)
  • Introduction (03:28)
  • Information Security Concepts (02:58)
  • More Concepts (03:25)
  • Concepts and Tech Continued (03:31)
  • Variety of Technologies (06:12)
  • Summary (00:08)
Information Security Manager (09:28)
  • Introduction (00:36)
  • Information Security Manager (01:48)
  • Senior Management Commitment (03:40)
  • Management Alignment (00:53)
  • Establish Reporting and Communication (02:20)
  • Summary (00:08)

Scope and Strategy

Scope of Governance (09:39)
  • Introduction (01:56)
  • Scope of Governance (02:24)
  • Assurance Process Integration (02:32)
  • Governance and Third Parties (02:38)
  • Summary (00:08)
Governance Metrics (23:13)
  • Introduction (00:58)
  • Governance Metrics (01:38)
  • Metrics (01:44)
  • Effective Security Metrics (02:53)
  • Effective Metrics Continued (00:42)
  • Security Implementation Metrics (05:22)
  • Risk Management (03:44)
  • Performance Management (06:00)
  • Summary (00:08)
Information Security Strategy (36:36)
  • Introduction (00:08)
  • Information Security Strategy (06:41)
  • Common Pitfalls (02:17)
  • Objectives of Info Sec Strategy (01:36)
  • What Is the Goal (06:37)
  • Business Case Development (03:22)
  • Business Case Objectives (05:50)
  • Capability Maturity Model (03:01)
  • Architectural Approaches (02:02)
  • Risk Objectives (04:50)
  • Summary (00:08)
State of Security (05:55)
  • Introduction (00:47)
  • State of Security (03:48)
  • Business Impact Analysis (01:11)
  • Summary (00:08)

Development, Constraints and Plan

Information Security Development (09:46)
  • Introduction (00:31)
  • Information Security Development (01:51)
  • The Roadmap (04:29)
  • Strategy Resources and Constraints (02:45)
  • Summary (00:08)
Strategy Resources (40:17)
  • Introduction (00:33)
  • Strategy Resources (06:48)
  • Enterprise Information Security Architecture (07:16)
  • Personnel (07:27)
  • Audits (04:04)
  • Threat Assessment (04:03)
  • Risk Assessment (02:21)
  • Insurance (07:33)
  • Summary (00:08)
Strategy Constraints (06:47)
  • Introduction (00:24)
  • Strategy Constraints (04:39)
  • The Security Strategy (01:35)
  • Summary (00:08)
Plan to Implement (19:12)
  • Introduction (01:15)
  • Plan to Implement (05:29)
  • Policy Development (06:03)
  • Action Plan Metrics (03:04)
  • General Metrics (02:25)
  • Objectives for CMM4 (00:46)
  • Summary (00:08)