Essential CISM

  • Section 1: The Basics
  •     Chapter 1: Security Concepts
  •     Chapter 2: Governance, Goals, Strategies, Policies, Standards And Procedures
  •     Chapter 3: Strategy
  •     Chapter 4: Risk Appetite, Tolerance And Capacity
  •     Chapter 5: Analysis Of Risk
  •     Chapter 6: Controlling Threats And Risk
  •     Chapter 7: Controls And Countermeasures
  •     Chapter 8: ALE, RTO, RPO, SDO, MTO, MTD and AIW
  •     Chapter 9: BCP, DRP and BIA
  •     Chapter 10: Business Continuity And Disaster Recovery
  •     Chapter 11: Testing Incident Response, Business Continuity Plans And Disaster Recovery Plans
  •     Chapter 12: Roles, Responsibilities, RACI And Skills
  •     Chapter 13: Due Diligence And Due Care
  •     Chapter 14: Security Principles
  •     Chapter 15: KGIs, KPIs, KRIs and CSFs
  •     Chapter 16: Technologies
  •     Chapter 17: Standards And Frameworks
  •     Chapter 18: Culture
  •     Chapter 19: Metrics
  •     Chapter 20: Current State, Desired State And The Gap In-Between
  •     Chapter 21: Information Security Infrastructure And Architecture
  •     Chapter 22: Cloud Computing
  •     Chapter 23: Metrics Development
  • Section 2: The Four Domains
  •     Chapter 24: Information Security Governance – Overview
  •     Chapter 25: Information Security Governance – The Goal
  •     Chapter 26: Information Security Governance – The Strategy
  •     Chapter 27: Information Security Governance – Who Does What
  •     Chapter 28: Information Security Governance – Resources That Help
  •     Chapter 29: Information Security Governance – Constraints That Hurt
  •     Chapter 30: Information Security Governance – The Action Plan
  •     Chapter 31: Information Security Governance – Metrics And Monitoring
  •     Chapter 32: Information Security Governance – What Success Looks Like
  •     Chapter 33: Information Risk Management – Overview
  •     Chapter 34: Information Risk Management – The Goal
  •     Chapter 35: Information Risk Management – The Strategy
  •     Chapter 36: Information Risk Management – Who Does What
  •     Chapter 37: Information Risk Management – Resources That Help
  •     Chapter 38: Information Risk Management – Constraints That Hurt
  •     Chapter 39: Information Risk Management – The Action Plan
  •     Chapter 40: Information Risk Management – Metrics, Monitoring And Reporting
  •     Chapter 41: Information Risk Management – What Success Looks Like
  •     Chapter 42: Information Security Program Development And Management – Overview
  •     Chapter 43: Information Security Program Development And Management – The Goal
  •     Chapter 44: Information Security Program Development And Management – The Strategy
  •     Chapter 45: Information Security Program Development And Management – Who Does What
  •     Chapter 46: Information Security Program Development And Management – Resources That Help
  •     Chapter 47: Information Security Program Development And Management – Constraints That Hurt
  •     Chapter 48: Information Security Program Development And Management – The Action Plan
  •     Chapter 49: Information Security Program Development And Management – Metrics And Monitoring
  •     Chapter 50: Information Security Program Development And Management – What Success Looks Like
  •     Chapter 51: Information Security Incident Management – Overview
  •     Chapter 52: Information Security Incident Management – The Goal
  •     Chapter 53: Information Security Incident Management – The Strategy
  •     Chapter 54: Information Security Incident Management – Who Does What
  •     Chapter 55: Information Security Incident Management – Resources That Help
  •     Chapter 56: Information Security Incident Management – Constraints That Hurt
  •     Chapter 57: Information Security Incident Management – The Action Plan
  •     Chapter 58: Information Security Incident Management – Metrics And Monitoring
  •     Chapter 59: Information Security Incident Management – What Success Looks Like