CISM: Information Security Program Development and Management (Part 5)

Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprise’s information security

Please contact us for information about prerequisites.

Expected Duration
120 minutes

Security programs require strong controls and countermeasures to ensure that security activities are carried out and measures exist to deal with issues that may arise while a security program is being implemented. This course examines control categories, control design considerations, and the control methods and recommendations that a security manager should implement. This course will also discuss the metrics and monitoring practices that should be put in place as part of a security program. Finally, this course will examine common information security program challenges. This course prepares you for the Certified Information Security Manager (CISM) exam and follows the 2015 ISACA Candidate Information Guide.


IS Controls and Countermeasures

  • distinguish between two types of information security controls
  • recognize principles of effective security control
  • recognize examples of physical, environmental, and technical controls
  • distinguish between examples of controls and countermeasures
  • identify factors to consider when recommending improvements to information security controls
  • describe types of controls and how they are used in information security management
  • explain the use of controls and countermeasures to manage risk

IS Program Metrics, Monitoring, and Challenges

  • categorize examples of information security metrics
  • determine whether a given metric would be effective
  • recognize examples of measures used to assess the effectiveness of an information security program
  • recognize examples of monitoring activities
  • recognize the relationship between information security metrics, measurement, and monitoring
  • recognize effective approaches to measuring and monitoring an information security program
  • recognize strategies for overcoming common challenges to information security management




