Curriculums

• Domain 1: Governance (Policy, Legal, and Compliance)

  Information Security Management Program
  Defining an Information Security Governance Program
  Regulatory and Legal Compliance
  Risk Management

• Domain 2: IS Management Controls and Auditing Management

  Designing, deploying, and managing security controls
  Understanding security controls types and objectives
  Implementing control assurance frameworks
  Understanding the audit management process

• Domain 3: Security Program Management & Operations

  The role of the CISO
  Information Security Projects
  Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)

• Domain 4: Information Security Core Concepts

  Access Controls
  Physical Security
  Disaster Recovery and Business Continuity Planning
  Network Security
  Threat and Vulnerability Management
  Application Security
  System Security
  Encryption
  Vulnerability Assessments and Penetration Testing
  Computer Forensics and Incident Response

• Domain 5: Strategic Planning, Finance, & Vendor Management

  Security Strategic Planning
  Alignment with business goals and risk tolerance
  Security emerging trends
  Key Performance Indicators (KPI)
  Financial Planning
  Development of business cases for security
  Analyzing, forecasting, and developing a capital expense budget
  Analyzing, forecasting, and developing an operating expense budget
  Return on Investment (ROI) and cost-benefit analysis
  Vendor management
  Integrating security requirements into the contractual agreement and procurement process