EC-Council Certified Chief Information Security Officer (CCISO)
In this course, students will learn in-depth content in each of the 5 CCISO Domains.
Course Objectives
This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems.
Agenda
- DOMAIN 1 – Governance (Policy, Legal, and Compliance)
- Information Security Management Program
- Defining an Information Security Governance Program
- Regulatory and Legal Compliance
- Risk Management
- DOMAIN 2 is Management Controls and Auditing Management
- Designing, deploying, and managing security controls
- Understanding security controls types and objectives
- Implementing control assurance frameworks
- Understanding the audit management process
- DOMAIN 3 of the C|CISO Program Covers The Day-to-Day Responsibilities of a CISO, Including
- The role of the CISO
- Information Security Projects
- Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
- DOMAIN 4 of the CCISO Program Covers, from an Executive Perspective, the Technical Aspects of the CISO Job Including:
- Access Controls
- Physical Security
- Disaster Recovery and Business Continuity Planning
- Network Security
- Threat and Vulnerability Management
- Application Security
- System Security
- Encryption
- Vulnerability Assessments and Penetration Testing
- Computer Forensics and Incident Response
- DOMAIN 5 of the CCISO Program is Concerned with the Area with which Many More Technically Inclined Professionals May Have the Least Experience, Including:
- Security Strategic Planning
- Alignment with business goals and risk tolerance
- Security emerging trends
- Key Performance Indicators (KPI)
- Financial Planning
- Development of business cases for security
- Analyzing, forecasting, and developing a capital expense budget
- Analyzing, forecasting, and developing an operating expense budget
- Return on Investment (ROI) and cost-benefit analysis
- Vendor management
- Integrating security requirements into the contractual agreement and procurement process
- Taken together, these five Domains of the C|CISO program translate to a thoroughly knowledgeable, competent executive information security practitioner.