CISM: Information Security Incident Management (Part 2)

Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise’s information security

Please contact us for information about prerequisites.

Expected Duration
120 minutes

Preparing incident response and recovery plans is a very important part of a CISM’s role. This course examines how to identify the current state of incident response capability, identifies the elements of incident response and recovery plans, and discusses principles for effectively managing the plans. This course also examines the importance of testing, documentation, and how to physically prepare recovery sites and related offsite resources. This course prepares you for the Certified Information Security Manager (CISM) exam and follows the 2015 ISACA Candidate Information Guide.


Response and Recovery Planning

  • determine the appropriate method for identifying the current state of response capability for a given company
  • identify the factors that determine incident response capability
  • match phases of an incident response plan with their corresponding descriptions
  • match members of response and recovery teams with their corresponding responsibilities
  • recognize examples of individuals who may require notification in case of a serious security incident
  • recognize the types of insurance coverage that an organization may have
  • label descriptions of different types of recovery sites
  • determine the appropriate type of recovery site given examples of requirements
  • recognize methods for recovering communication and computing systems
  • distinguish between the characteristics of an incident response plan and a recovery plan

Testing Plans and Managing Incidents

  • recognize the method being used to test incident response and recovery plans
  • recognize examples of metrics used for testing incident response and recovery plans
  • identify important aspects of executing incident response and recovery plans
  • recognize key concepts related to testing and incident management





Multi-license discounts available for Annual and Monthly subscriptions.