ISSMP Certification Training | Information System Security Management Professional Training Course Hands-on
Learn how to establish, present, and govern information security programs demonstrating management and leadership skills in this official (ISC)2 ISSMP Certification Training or Information System Security Management Professional Training course
This ISSMP Certification Training or Information System Security Management Professional Training course is designed for CISSPs who specialize in deep managerial elements, such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program.
Gain security leadership and management skills in order to manage an organizations information security program. Ensure your company meets security compliance regulations by establishing, managing, and overseeing a process to help monitor, assess and enforce compliance with security policies and procedures. Learn vital contingency and incident management practices for reducing the impact of adverse events, such as natural and man-made disasters, virus outbreak, or equipment failure.
Duration: 5 days
• We can adapt this ISSMP Certification Training or Information System Security Management Professional Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this ISSMP Certification Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the ISSMP Certification Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ISSMP Certification Training course in manner understandable to lay audiences.
Audience / Target Group
The target audience for this ISSMP Certification Training course is defined here:
• Leaders of the organization's information security program who typically hold a job title such as chief information security officer, information security director, or enterprise security manager
• Individuals pursuing CISSP-ISSMP® certification
ISSMP Certification Training - Objectives:
After completing this ISSMP Certification Training | Information System Security Management Professional Training course, attendees will be able to:
In-depth coverage of the five domains required to pass the CISSP-ISSMP exam:
• Security Leadership and Management
• Security Lifecycle Management
• Security Compliance Management
• Contingency Management
• Law, Ethics, and Incident Management
ISSMP Certification Training - Course Content:
Domain 1: Security Leadership and Management
The first domain reviewed in this official CISSP-ISSMP course is called Security Leadership and Management. It focuses on managing an organization’s information security program. Domain 1 is built upon the concepts of information security from an organizational perspective and emphasizes information security’s role in supporting the overall goal of the organization. Emphasis is placed on application and management of appropriate processes and technologies to achieve organizational goals and objectives for information security.
CISSP-ISSMP Domain 1 Lessons:
• Security’s Role in the Organization’s Culture, Vision, and Mission
• Organizational Governance
• Information Security Strategies
• Data Classification
• Security Policy Framework
• Security Requirements in Contracts and Agreements
• Risk Management Program
• Security Aspects of Change Control
• Security Awareness and Training Programs
• Security Metrics (Define, Measure, and Report)
• Security Budget (Prepare, Obtain, and Administer)
• Security Organization (ex. Roles and Responsibilities, Determine FTE’s, Performance Evaluation)
• Project Management Principles (ex. Time, Scope and Cost Relationship, Work Breakdown Structure)
Domain 2: Security Lifecycle Management
The Security Lifecycle Management domain assesses the candidate’s knowledge and skill in integrating information security principles and processes into new business initiatives, as well as the System Development Life Cycle (SDLC), including the operations and maintenance and disposal phases.
CISSP-ISSMP Domain 2 Lessons:
• Integration of Security into the System Development Lifecycle (SDLC)
• New Business Initiatives and Security Architecture
• Vulnerability Management Programs (ex. Vulnerability Scanning, Penetration Testing, Threat Analysis)
Domain 3: Security Compliance Management
Domain 3 is about establishing, managing, and overseeing a process to help monitor, assess and enforce compliance with security policies and procedures.
CISSP-ISSMP Domain 3 Lessons:
• Organizational Security Policies and Procedures
• Compliance Framework Exceptions
• Internal and External Audit Process
Domain 4: Contingency Management
The Contingency Management domain covers the planning and implementing processes for reducing the impact of adverse events, such as natural or man-made disasters, virus outbreak, or equipment failure.
CISSP-ISSMP Domain 4 Lessons
• Contingency Plans
• Recovery Strategies
• BCP and DRP plans (ex. Lessons Learned, Architecture Changes)
Domain 5: Law, Ethics and Incident Management
The last domain in this CISSP-ISSMP course is Law, Ethics and Incident Management. It covers the laws and regulations that apply to the organization, as well as the implications of non-compliance. This domain also assesses the core knowledge and skill that is widely accepted across most jurisdictions.
CISSP-ISSMP Domain 5 Lessons:
• Laws that Relate to Information Security
• Incident Handling and Investigation Processes
• Management Issues Related to the (ISC)² Code of Ethics
NOTE: While this training program does not have any prerequisites, the CISSP-ISSMP certification does. Additional information on these prerequisites can be found below:
To qualify for the CISSP-ISSMP certification you must be possess a CISSP certification in good standing and have a minimum of two (2) years of cumulative paid full-time work experience in one or more of the domains in the respective concentration: (1) Security Leadership and Management, (2) Security Compliance Management, (3) Law, Ethics, and Incident, Management, (4) Security Lifecycle Management, and (5) Contingency Management