WEEK 4

EC-COUNCIL INFORMATION SECURITY MANAGEMENT (EISM)

The final course in the PCA program is the EC-Council Information Security Management (EISM) certification. The EISM is designed for students who do not yet have five years of information security experience in at least three of the five EC-Council Certified Chief Information Security Officer (CCISO) domains. This management certification can help propel their careers and put them on the fast track toward obtaining the CCISO. EISM students must attend training (the same CCISO training that upper-level executives attend) before attempting the EISM exam. There are no experience requirements for this exam. The courseware and training programs are exactly the same as those of the CCISO program. Imagine being able to push your new information security career forward using the same resources as seasoned professionals. That’s what the EISM program does. The EISM exam is a light version of the CCISO exam and tests the fundamentals of information security management.

COURSE OUTLINE

GOVERNANCE AND RISK MANAGEMENT

  • Define, Implement, Manage, and Maintain an Information Security Governance Program
  • Information Security Drivers
  • Establishing an information security management structure
  • Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures
  • Managing an enterprise information security compliance program
  • Introduction to Risk Management

INFORMATION SECURITY CONTROLS, COMPLIANCE, AND AUDIT MANAGEMENT

  • Information Security Controls
  • Compliance Management
  • Guidelines, Good and Best Practices
  • Audit Management

SECURITY PROGRAM MANAGEMENT AND OPERATIONS

  • Program Management
  • Operations Management

INFORMATION SECURITY CORE COMPETENCIES

  • Access Control
  • Physical Security
  • Network Security
  • Wireless Security
  • Endpoint Protection
  • Application Security
  • Encryption Technologies
  • Virtualization Security
  • Cloud Computing Security
  • Transformative Technologies

STRATEGIC PLANNING, FINANCE, PROCUREMENT, AND VENDOR MANAGEMENT

  • Strategic Planning
  • Designing, Developing, and Maintaining an Enterprise Information Security Program
  • Understanding the Enterprise Architecture (EA)
  • Finance
  • Procurement
  • Vendor Management

EXAM INFORMATION

  • The EISM exam is based on the same bank of questions as the CCISO exam: questions written by CISOs for current and aspiring CISOs. The difference is that the CCISO exam includes scenario-based questions that require years of on-the-job experience to answer. These are omitted from the EISM exam, and only the basic information security management questions remain.
  • 150 questions
  • 2-hour time limit
  • Multiple choice
  • 70% minimum passing score
  • Test Delivery: EC-Council Exam Portal