Certified Information Systems Security Management Professional (CISSP-ISSMP)

Security Management Professional

Course Code: 2518

Overview

The Information System Security Management Professional (ISSMP) is a CISSP who specializes in establishing, presenting and governing information security programs and demonstrates management and leadership skills. ISSMPs direct the alignment of security programs with the organization’s mission, goals and strategies in order to meet enterprise financial and operational requirements in support of its desired risk position.

The course covers the broad spectrum of topics included in the ISSMP Common Body of Knowledge (CBK), and focuses on the key concepts of the six domains evaluated in the CISSP-ISSMP certification examination.

Course Delivery

This course is available in the following formats:

Live Classroom
Duration: 4 days

Live Virtual Classroom
Duration: 4 days

What You'll learn

  • Establish security’s role in organizational culture, vision and mission
  • Define and implement information security strategies
  • Define, measure and report security metrics
  • Manage security programs
  • Manage security aspects of change control
  • Develop and manage a risk management program
  • Conduct risk assessments
  • Establish and maintain threat intelligence program
  • Oversee development of contingency plans
  • Guide development of recovery strategies
  • Maintain BCP, COOP and DRP
  • Document and manage compliance exceptions

Outline

  • Establish security’s role in organizational culture, vision and mission
  • Align security program with organizational governance
  • Define and implement information security strategies
  • Define and maintain security policy framework
  • Manage security requirements in contracts and agreements
  • Oversee security awareness and training programs
  • Define, measure and report security metrics
  • Prepare, obtain and administer security budget
  • Manage security programs
  • Apply product development and project management principles
  • Manage integration of security into System Development Life Cycle (SDLC)
  • Integrate new business initiatives and emerging technologies into the security architecture
  • Define and oversee comprehensive vulnerability management programs
  • Manage security aspects of change control
  • Develop and manage a risk management program
  • Conduct Risk Assessments (RA)
  • Establish and maintain threat intelligence program
  • Establish and maintain incident handling and investigation program
  • Oversee development of Contingency Plans (CP)
  • Guide development of recovery strategies
  • Maintain Business Continuity Plan (BCP), Continuity of Operations Plan (COOP) and Disaster Recovery Plan (DRP)
  • Manage recovery process
  • Understand the impact of laws that relate to information security
  • Understand management issues as related to the (ISC)2 Code of Ethics
  • Validate compliance in accordance with applicable laws, regulations and industry best practices
  • Coordinate with auditors and assist with the internal and external audit process
  • Document and manage compliance exceptions

Prerequisites

Participants must be CISSP in good standing and have two years paid full-time work experience in one or more of the six domains of the CISSP-ISSMP CBK.

Who Should Attend

The course is highly recommended for –

  • System managers
  • Software managers
  • Chief technical officers
  • Chief security officers
  • Security managers

Certification

This course prepares the participants for the certification examination for the CISSP-ISSMP certification. The details of the examination are as below –

Duration of the examination: 3 hours
Number of questions: 125
Format of the examination: Multiple choice questions
Passing grade: 700 out of 1000
Exam availability: 1000

The course covers key concepts of all the six domains of the CISSP-ISSMP CBK. The weightage of these domains in the examination is –

Leadership and business management: 22%
Systems lifecycle management: 19%
Risk management: 18%
Threat intelligence and incident management: 17%
Contingency management: 10%
Law, ethics and security compliance: 14%