CISO, or Chief Information Security Officer, is an established top-level executive position in the industry, similar to CEO or CTO. CISO is the highest-level executive in an organization charged with information security. With the increasing awareness of digital information as an asset in the industry at large, the demand for CISOs across organizations is on a rise. The CISOs focus on the core areas pertaining to information security in an enterprise and lead the IS program.
The CCISO certification training is aimed at providing the learners with comprehensive knowledge and skills regarding the information security domain. The Chief Information Security Officer Certification Training covers vital areas such as policy setting, project management, audit management, executive strategy, contract management, and financial expertise. These areas of knowledge are essential for leading a successful IS program. The CCISO certification validates the competence of a professional in handling the top-level executive tasks and in effectively leading an information security program.
CCISO Course Content
Domain 1: Governance (Policy, Legal, and Compliance)
- Information Security Management Program
- Defining an Information Security Governance Program
- Regulatory and Legal Compliance
- Risk Management
Domain 2: IS Management Controls and Auditing Management
- Designing, deploying, and managing security controls
- Understanding security controls types and objectives
- Implementing control assurance frameworks
- Understanding the audit management process
Domain 3: Security Program Management & Operations
- The role of the CISO
- Information Security Projects
- Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
Domain 4: Information Security Core Concepts
- Access Controls
- Physical Security
- Disaster Recovery and Business Continuity Planning
- Network Security
- Threat and Vulnerability Management
- Application Security
- System Security
- Encryption
- Vulnerability Assessments and Penetration Testing
- Computer Forensics and Incident Response
Domain 5: Strategic Planning, Finance, & Vendor Management
- Security Strategic Planning
- Alignment with business goals and risk tolerance
- Security emerging trends
- Key Performance Indicators (KPI)
- Financial Planning
- Development of business cases for security
- Analyzing, forecasting, and developing a capital expense budget
- Analyzing, forecasting, and developing an operating expense budget
- Return on Investment (ROI) and cost-benefit analysis
- Vendor management
- Integrating security requirements into the contractual agreement and procurement process
