CCISO

Certified Chief Information Security Officer.


Target audience.

  • Network Engineers with security specialization

  • Experienced IT Professionals engaged in information security management

  • Those who perform CISO functions, but don’t have an official title

  • Professionals who aspire to reach a top-level position in the information security profession


Purpose of the course.

This course aims to instruct students on all of the components required for C-level positions. Class participants will analyze a combination of topics such as audit management, governance, IS controls, human capital management, strategic program development, and more from EC-Council's five (5) identified information security management domains, all of which were created by established Chief Information Security Officers (CISOs).


Details.

Duration of studies: 5 days / 40 hours
Language of instruction (students may choose): Russian, English

Language of materials and test: English

This course package includes:

  • Certified trainer

  • Access to e-library with learning resources

  • Exam voucher 

  • The exam can be challenged after completing the full official course. Candidates who successfully pass the exam will receive their CCISO certificate.


Course outline.

Domain 1: Governance

Domain 2: Security Risk Management, Controls, and Audit Management

Domain 3: Security Program Management and Operations

Domain 4: Information Security Core Concepts

Domain 5: Strategic Planning, Finance, and Vendor Management

01

Domain.

Governance (Policy, Legal & Compliance)

  • Information Security Management Program

  • Defining an Information Security Governance Program

  • Regulatory and Legal Compliance

  • Risk Management

02

Domain.

IS Management Controls and Auditing Management

  • Designing, deploying, and managing security controls

  • Understanding security controls types and objectives

  • Implementing control assurance frameworks

  • Understanding the audit management process

03

Domain.

Security Program Management and Operations

  • The role of the CISO

  • Information Security Projects

  • Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)

04

Domain.

Information Security Core Concepts 

  • Access Controls

  • Physical Security

  • Disaster Recovery and Business Continuity Planning

  • Network Security

  • Threat and Vulnerability Management

  • Application Security

  • System Security

  • Encryption

  • Vulnerability Assessments and Penetration Testing

  • Computer Forensics and Incident Response

05

Domain.

Strategic Planning and Finances

  • Security Strategic Planning

  • Alignment with business goals and risk tolerance

  • Emerging security trends

  • Key Performance Indicators (KPI)

  • Financial Planning

  • Development of business cases for security

  • Analyzing, forecasting, and developing a capital expense budget

  • Analyzing, forecasting, and developing an operating expense budget

  • Return on Investment (ROI) and cost-benefit analysis

  • Vendor management

  • Integrating security requirements into the contractual agreement and procurement process