CISSP-ISSMP Training Course Outline

Concentration In Security Management

The Official CISSP-ISSMP training provides a comprehensive review of managerial concepts such as project management, risk management, creating and delivering security awareness programs, and managing a business continuity planning program. This training course will help students review and refresh their knowledge and identify areas they need to study for the ISSMP exam. Taught by an (ISC)² - authorized instructor, the course features:

• 134 days of access to Official (ISC)² ISSAP course content
• Interactive flash cards
• Post-course assessment
• Independent reading learning activities
• Case studies
• Videos
• End of domain quizzes

Who Should Attend

The training seminar is ideal for certified CISSPs working in positions such as but not limited to:

• Chief Information Officer
• Chief Information Security Officer
• Chief Technology Officer
• Senior Security Executive

Course Agenda

• Domain 1: Leadership and Business Management
• Domain 2: Systems Lifecycle Management
• Domain 3: Risk Management
• Domain 4: Threat Intelligence and Incident Management
• Domain 5: Contingency Management
• Domain 6: Law, Ethics and Security Compliance Management

Please Note: Effective November 15, 2022, the CISSP-ISSMP exam will be based on a new exam outline. Please refer to the CISSP-ISSMP Exam Outline and FAQs for details.

Course Delivery Methods

Course Objectives

After completing this course, the student will be able to:

• Evaluate the role of security, connect the security program with organizational governance, and prioritize security requirements in support of business initiatives to obtain support for the security program.
• Recommend a documented security program that includes security awareness and training and a process for analyzing, managing and enforcing security requirements for contracts and agreements.
• Apply metrics, budgeting, project management and management of security team and cross-functional and stakeholder associations to achieve a security program.
• Understand the management of security into organizational security architecture throughout the system lifecycle.
• Understand the organizational requirements necessary to establish an effective Risk Management Program.
• Understand the general processes employed in the identification of system assets, potential system threats, in-place safeguards, and vulnerabilities in the conduct and analysis of system risk assessments. 
• Understand the principles and practices necessary to establish and maintain a successful incident handling and investigation program.
• Understand the processes and collaboration requirements necessary to establish, maintain, and benefit from a successful threat intelligence program. 
• Understand the various benefits that the proper conduct of a Business Impact Analysis provides to the organization.
• Understand the thorough development, testing, and training necessary to effectively respond to consequences of disastrous events through effective organizational continuity of operations and system-level contingency planning.
• Recognize the laws, regulations, and supporting policies that must be maintained to ensure the appropriate protective controls and ethics are employed, audited, and validated to safeguard sensitive information and systems.