EC-Council Certified Chief Information Security Officer (C-CISO)

Duration:

5 Days

Audience:

Employees of federal, state and local governments; and businesses working with the government.

This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems.

Prerequisites:

Candidates interested in earning the C|CISO Certification must qualify via EC-Council’s Exam Eligibility application before sitting for the C|CISO Exam. Only students with at least five years of experience in three of the five domains are permitted to sit for the C|CISO Exam. Any student who does not qualify to sit for the exam or who does not fill out the application will be permitted to take the EC-Council Information Security Manager (EISM) exam and earn that certification. EISMs may then apply for the CCISO Exam once they have achieved the required years of experience.

IT Dojo is not an authorized EC Council partner, but our EC Council courses are delivered by various partners that we have that are.

Course Overview:

In this course, students will learn in-depth content in each of the 5 CCISO Domains

DOMAIN 1 – GOVERNANCE (POLICY, LEGAL, AND COMPLIANCE)

  • Information Security Management Program
  • Defining an Information Security Governance Program
  • Regulatory and Legal Compliance
  • Risk Management

DOMAIN 2 – IS MANAGEMENT CONTROLS AND AUDITING MANAGEMENT

  • Designing, deploying, and managing security controls
  • Understanding security controls types and objectives
  • Implementing control assurance frameworks
  • Understanding the audit management process

DOMAIN 3 – DAY-TO-DAY RESPONSIBILITIES OF A CISO, INCLUDING

  • The role of the CISO
  • Information Security Projects
  • Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)

DOMAIN 4 – THE TECHNICAL ASPECTS OF THE CISO JOB INCLUDING:

  • Access Controls
  • Physical Security
  • Disaster Recovery and Business Continuity Planning
  • Network Security
  • Threat and Vulnerability Management
  • Application Security
  • System Security
  • Encryption
  • Vulnerability Assessments and Penetration Testing
  • Computer Forensics and Incident Response

DOMAIN 5  THE AREA WITH WHICH MANY MORE TECHNICALLY INCLINED PROFESSIONALS MAY HAVE THE LEAST EXPERIENCE, INCLUDING:

  • Security Strategic Planning Alignment with business goals and risk tolerance Security emerging trends
  • Key Performance Indicators (KPI)
  • Financial Planning Development of business cases for security Analyzing, forecasting, and developing a capital expense budget Analyzing, forecasting, and developing an operating expense budget
  • Return on Investment (ROI) and cost-benefit analysis
  • Vendor management
  • Integrating security requirements into the contractual agreement and procurement process

Taken together, these five Domains of the C|CISO program translate to a thoroughly knowledgeable, competent executive information security practitioner.