Certified Chief Information Security Officer (CISO) Course Outline
Special Note to New Hampshire ResidentsThis course has not yet been approved by the New Hampshire Department of Education. Please contact us for an update on when the class will be available in New Hampshire.
Overview
In this course, students will learn in-depth content in each of the 5 CCISO Domains
Course Objectives
This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems.
Course Outline
1 - DOMAIN 1 – GOVERNANCE (POLICY, LEGAL, AND COMPLIANCE)
Information Security Management Program
Defining an Information Security Governance Program
Regulatory and Legal Compliance
Risk Management
2 - IS MANAGEMENT CONTROLS AND AUDITING MANAGEMENT
Designing, deploying, and managing security controls
Understanding security controls types and objectives
Implementing control assurance frameworks
Understanding the audit management process
3 - DOMAIN 3 OF THE C|CISO PROGRAM COVERS THE DAY-TO-DAY RESPONSIBILITIES OF A CISO, INCLUDING
The role of the CISO
Information Security Projects
Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
4 - DOMAIN 4 OF THE CCISO PROGRAM COVERS, FROM AN EXECUTIVE PERSPECTIVE, THE TECHNICAL ASPECTS OF THE CISO JOB INCLUDING:
Access Controls
Physical Security
Disaster Recovery and Business Continuity Planning
Network Security
Threat and Vulnerability Management
Application Security
System Security
Encryption
Vulnerability Assessments and Penetration Testing
Computer Forensics and Incident Response
5 - DOMAIN 5 OF THE CCISO PROGRAM IS CONCERNED WITH THE AREA WITH WHICH MANY MORE TECHNICALLY INCLINED PROFESSIONALS MAY HAVE THE LEAST EXPERIENCE, INCLUDING:
Security Strategic Planning
Alignment with business goals and risk tolerance
Security emerging trends
Key Performance Indicators (KPI)
Financial Planning
Development of business cases for security
Analyzing, forecasting, and developing a capital expense budget
Analyzing, forecasting, and developing an operating expense budget
Return on Investment (ROI) and cost-benefit analysis
Vendor management
Integrating security requirements into the contractual agreement and procurement process
Taken together, these five Domains of the C|CISO program translate to a thoroughly knowledgeable, competent executive information security practitioner.
View outline in Word
SCCISO