1 - Domain 01 - Governance
Define, Implement, Manage, and Maintain an Information Security Governance Program
Information Security Drivers
Establishing an information security management structure
Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures
Managing an enterprise information security compliance program
Risk Management
Risk mitigation, risk treatment, and acceptable risk
Risk management frameworks
NIST
Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL)
Risk management plan implementation
Ongoing third-party risk management
Risk management policies and processes
Conclusion
2 - Domain 02 - Security Risk Management, Controls, & Audit Management
INFORMATION SECURITY CONTROLS
COMPLIANCE MANAGEMENT
GUIDELINES, GOOD AND BEST PRACTICES
AUDIT MANAGEMENT
SUMMARY
3 - Domain 03 - Security Program Management and Operations
PROGRAM MANAGEMENT
OPERATIONS MANAGEMENT
Summary
4 - Domain 04 - Information Security Core Concepts
ACCESS CONTROL
PHYSICAL SECURITY
NETWORK SECURITY
ENDPOINT PROTECTION
APPLICATION SECURITY
ENCRYPTION TECHNOLOGIES
VIRTUALIZATION SECURITY
CLOUD COMPUTING SECURITY
TRANSFORMATIVE TECHNOLOGIES
Summary
5 - Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management
STRATEGIC PLANNING
Designing, Developing, and Maintaining an Enterprise Information Security Program
Understanding the Enterprise Architecture (EA)
FINANCE
PROCUREMENT
VENDOR MANAGEMENT
Summary
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
This course is designed for aspiring or sitting upper-level managers striving to advance their careers by learning to apply their existing deep technical knowledge to business problems.
Candidates interested in earning the C|CISO Certification must qualify via EC-Council’s Exam Eligibility application before sitting for the C|CISO Exam. Only students with at least five years of experience in three of the five domains are permitted to sit for the C|CISO Exam. Any student who does not qualify to sit for the exam or who does not fill out the application will be permitted to take the EC-Council Information Security Manager (EISM) exam and earn that certification. EISMs may then apply for the C|CISO Exam once they have achieved the required years of experience.