Pass the Certified Information Security Manager (CISM) exam and implement your organization's security strategy with ease

Key Features

• Pass the CISM exam confidently with this step-by-step guide
• Explore practical solutions that validate your knowledge and expertise in managing enterprise information security teams
• Enhance your cybersecurity skills with practice questions and mock tests

Book Description

With cyber threats on the rise, IT professionals are now choosing cybersecurity as the next step to boost their career, and holding the relevant certification can prove to be a game-changer in this competitive market. CISM is one of the top-paying and most sought-after certifications by employers.

This CISM Certification Guide comprises comprehensive self-study exam content for those who want to achieve CISM certification on the first attempt. This book is a great resource for information security leaders with a pragmatic approach to challenges related to real-world case scenarios. You'll learn about the practical aspects of information security governance and information security risk management. As you advance through the chapters, you'll get to grips with information security program development and management. The book will also help you to gain a clear understanding of the procedural aspects of information security incident management.

By the end of this CISM exam book, you'll have covered everything needed to pass the CISM certification exam and have a handy, on-the-job desktop reference guide.

What you will learn

• Understand core exam objectives to pass the CISM exam with confidence
• Create and manage your organization's information security policies and procedures with ease
• Broaden your knowledge of the organization's security strategy designing
• Manage information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives
• Find out how to monitor and control incident management procedures
• Discover how to monitor activity relating to data classification and data access

Who this book is for

If you are an aspiring information security manager, IT auditor, chief information security officer (CISO), or risk management professional who wants to achieve certification in information security, then this book is for you. A minimum of two years' experience in the field of information technology is needed to make the most of this book. Experience in IT audit, information security, or related fields will be helpful.

Table of Contents

1. Information Security Governance
2. Practical Aspects of Information Security Governance
3. Overview of Information Risk Management
4. Practical Aspects of Information Risk Management
5. Procedural Aspects of Information Risk Management
6. Overview of Information Security Program Development Management
7. Information Security Infrastructure and Architecture
8. Practical Aspects of Information Security Program Development Management
9. Information Security Monitoring Tools and Techniques
10. Overview of Information Security Incident Manager
11. Practical Aspects of Information Security Incident Management

About the Author

Hemang Doshi is a chartered accountant and a Certified Information System Auditor with more than 15 years' experience in the field of information system auditing/risk-based auditing/compliance auditing/vendor risk management/due diligence/system risk and control. He is the founder of CISA Exam Study and CRISC Exam Study, dedicated platforms for those studying for the CISA and CRISC certifications, respectively. He has also authored a few books on information security.