Esquema del curso
1 - DOMAIN 1 – GOVERNANCE (POLICY, LEGAL, AND COMPLIANCE)
Information Security Management Program
Defining an Information Security Governance Program
Regulatory and Legal Compliance
Risk Management
2 - IS MANAGEMENT CONTROLS AND AUDITING MANAGEMENT
Designing, deploying, and managing security controls
Understanding security controls types and objectives
Implementing control assurance frameworks
Understanding the audit management process
3 - DOMAIN 3 OF THE C|CISO PROGRAM COVERS THE DAY-TO-DAY RESPONSIBILITIES OF A CISO, INCLUDING
The role of the CISO
Information Security Projects
Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
4 - DOMAIN 4 OF THE CCISO PROGRAM COVERS, FROM AN EXECUTIVE PERSPECTIVE, THE TECHNICAL ASPECTS OF THE CISO JOB INCLUDING:
Access Control
Physical Security
Disaster Recovery and Business Continuity Planning
Network Security
Threat and Vulnerability Management
Application Security
System Security
Encryption
Vulnerability Assessments and Penetration Testing
Computer Forensics and Incident Response
5 - DOMAIN 5 OF THE CCISO PROGRAM IS CONCERNED WITH THE AREA WITH WHICH MANY MORE TECHNICALLY INCLINED PROFESSIONALS MAY HAVE THE LEAST EXPERIENCE, INCLUDING:
Security Strategic Planning
Alignment with business goals and risk tolerance
Security emerging trends
Key Performance Indicators (KPI)
Financial Planning
Development of business cases for security
Analyzing, forecasting, and developing a capital expense budget
Analyzing, forecasting, and developing an operating expense budget
Return on Investment (ROI) and cost-benefit analysis
Vendor management
Integrating security requirements into the contractual agreement and procurement process