Certified Chief Information Security Officer Certification Overview

Certified Chief Information Security Officer Certification Course Outline

Domain 1: Governance and Risk Management

Module 1: Define, Implement, Manage, and Maintain an Information Security Governance Program

  • 1.1. Form of Business Organisation
  • 1.2. Industry
  • 1.3. Organisational Maturity

Module 2: Information Security Drivers

Module 3: Establishing an information security management structure

  • 3.1. Organisational Structure
  • 3.2. Where does the CISO fit within the organisational structure
  • 3.3. The Executive CISO
  • 3.4. Nonexecutive CISO

Module 4: Laws/Regulations/Standards as drivers of Organisational Policy/Standards/Procedures

Module 5: Managing an enterprise information security compliance program

  • 5.1. Security Policy
    • 5.1.1. Necessity of a Security Policy
    • 5.1.2. Security Policy Challenges
  • 5.2. Policy Content
    • 5.2.1. Types of Policies
    • 5.2.2. Policy Implementation
  • 5.3. Reporting Structure
  • 5.4. Standards and Best Practices
  • 5.5. Leadership and Ethics
  • 5.6. EC-Council Code of Ethics

Module 6: Introduction to Risk Management
Domain 2: Information Security Controls, Compliance, and Audit Management

Module 1: Information Security Controls

  • 1.1. Identifying the Organisation’s Information Security Needs
    • 1.1.1. Identifying the Optimum Information Security Framework
    • 1.1.2. Designing Security Controls
    • 1.1.3. Control Lifecycle Management
    • 1.1.4. Control Classification
    • 1.1.5. Control Selection and Implementation
    • 1.1.6. Control Catalog
    • 1.1.7. Control Maturity
    • 1.1.8. Monitoring Security Controls
    • 1.1.9. Remediating Control Deficiencies
    • 1.1.10. Maintaining Security Controls
    • 1.1.11. Reporting Controls
    • 1.1.12. Information Security Service Catalog

Module 2: Compliance Management

  • 2.1. Acts, Laws, and Statutes
    • 2.1.1. FISMA
  • 2.2. Regulations
    • 2.2.1. GDPR
  • 2.3. Standards
    • 2.3.1. ASD—Information Security Manual
    • 2.3.2. Basel III
    • 2.3.3. FFIEC
    • 2.3.4. ISO 00 Family of Standards
    • 2.3.5. NERC-CIP
    • 2.3.6. PCI DSS
    • 2.3.7. NIST Special Publications
    • 2.3.8. Statement on Standards for Attestation Engagements No. 16 (SSAE 16)

Module 3: Guidelines, Good and Best Practices

  • 3.1. CIS
    • 3.1.1. OWASP

Module 4: Audit Management

  • 4.1. Audit Expectations and Outcomes
  • 4.2. IS Audit Practices
    • 4.2.1. ISO/IEC Audit Guidance
    • 4.2.2. Internal versus External Audits
    • 4.2.3. Partnering with the Audit Organisation
    • 4.2.4. Audit Process
    • 4.2.5. General Audit Standards
    • 4.2.6. Compliance-Based Audits
    • 4.2.7. Risk-Based Audits
    • 4.2.8. Managing and Protecting Audit Documentation
    • 4.2.9. Performing an Audit
    • 4.2.10. Evaluating Audit Results and Report
    • 4.2.11. Remediating Audit Findings
    • 4.2.12. Leverage GRC Software to Support Audits

Module 5: Summary

Domain 3: Security Program Management & Operations

Module 1: Program Management

  • 1.1. Defining a Security Charter, Objectives, Requirements, Stakeholders, and Strategies
    • 1.1.1. Security Program Charter
    • 1.1.2. Security Program Objectives
    • 1.1.3. Security Program Requirements
    • 1.1.4. Security Program Stakeholders
    • 1.1.5. Security Program Strategy Development
  • 1.2. Executing an Information Security Program
  • 1.3. Defining and Developing, Managing and Monitoring the Information Security Program
    • 1.3.1. Defining an Information Security Program Budget
    • 1.3.2. Developing an Information Security Program Budget
    • 1.3.3. Managing an Information Security Program Budget
    • 1.3.4. Monitoring an Information Security Program Budget
  • 1.4. Defining and Developing Information Security Program Staffing Requirements
  • 1.5. Managing the People of a Security Program
    • 1.5.1. Resolving Personnel and Teamwork Issues
    • 1.5.2. Managing Training and Certification of Security Team Members
    • 1.5.3. Clearly Defined Career Path
    • 1.5.4. Designing and Implementing a User Awareness Program
  • 1.6. Managing the Architecture and Roadmap of the Security Program
    • 1.6.1. Information Security Program Architecture
    • 1.6.2. Information Security Program Roadmap
  • 1.7. Program Management and Governance
    • 1.7.1. Understanding Project Management Practices
    • 1.7.2. Identifying and Managing Project Stakeholders
    • 1.7.3. Measuring the Effectiveness of Projects
  • 1.8. Business Continuity Management (BCM) and Disaster Recovery Planning (DRP)
  • 1.9. Data Backup and Recovery
  • 1.10. Backup Strategy
  • 1.11. ISO BCM Standards
    • 1.11.1. Business Continuity Management (BCM)
    • 1.11.2. Disaster Recovery Planning (DRP)
  • 1.12. Continuity of Security Operations
    • 1.12.1. Integrating the Confidentiality, Integrity and Availability (CIA) Model
  • 1.13. BCM Plan Testing
  • 1.14. DRP Testing
  • 1.15. Contingency Planning, Operations, and Testing Programs to Mitigate Risk and Meet Service Level Agreements (SLAs)
  • 1.16. Computer Incident Response
    • 1.16.1. Incident Response Tools
    • 1.16.2. Incident Response Management
    • 1.16.3. Incident Response Communications
    • 1.16.4. Post-Incident Analysis
    • 1.16.5. Testing Incident Response Procedures
  • 1.17. Digital Forensics
    • 1.17.1. Crisis Management
    • 1.17.2. Digital Forensics Life Cycle

Module 2: Operations Management

  • 2.1. Establishing and Operating a Security Operations (SecOps) Capability
  • 2.2. Security Monitoring and Security Information and Event Management (SIEM)
  • 2.3. Event Management
  • 2.4. Incident Response Model
    • 2.4.1. Developing Specific Incident Response Scenarios
  • 2.5. Threat Management
  • 2.6. Threat Intelligence
    • 2.6.1. Information Sharing and Analysis Centers (ISAC)
  • 2.7. Vulnerability Management
    • 2.7.1. Vulnerability Assessments
    • 2.7.2. Vulnerability Management in Practice
    • 2.7.3. Penetration Testing
    • 2.7.4. Security Testing Teams
    • 2.7.5. Remediation
  • 2.8. Threat Hunting

Module 3: Summary

Domain 4: Information Security Core Competencies

Module 1: Access Control

  • 1.1. Authentication, Authorisation, and Auditing
  • 1.2. Authentication
  • 1.3. Authorisation
  • 1.4. Auditing
  • 1.5. User Access Control Restrictions
  • 1.6. User Access Behavior Management
  • 1.7. Types of Access Control Models
  • 1.8. Designing an Access Control Plan
  • 1.9. Access Administration

Module 2: Physical Security

  • 2.1. Designing, Implementing, and Managing Physical Security Program
    • 2.1.1. Physical Risk Assessment
  • 2.2. Physical Location Considerations
  • 2.3. Obstacles and Prevention
  • 2.4. Secure Facility Design
    • 2.4.1. Security Operations Center
    • 2.4.2. Sensitive Compartmented Information Facility
    • 2.4.3. Digital Forensics Lab
    • 2.4.4. Datacenter
  • 2.5. Preparing for Physical Security Audits

Module 3: Network Security

  • 3.1. Network Security Assessments and Planning
  • 3.2. Network Security Architecture Challenges
  • 3.3. Network Security Design
  • 3.4. Network Standards, Protocols, and Controls
    • 3.4.1. Network Security Standards
    • 3.4.2. Protocols

Module 4: Certified Chief

  • 4.1.1. Network Security Controls
  • 4.2. Wireless (Wi-Fi) Security
    • 4.2.1. Wireless Risks
    • 4.2.2. Wireless Controls
  • 4.3. Voice over IP Security

Module 5: Endpoint Protection

  • 5.1. Endpoint Threats
  • 5.2. Endpoint Vulnerabilities
  • 5.3. End User Security Awareness
  • 5.4. Endpoint Device Hardening
  • 5.5. Endpoint Device Logging
  • 5.6. Mobile Device Security
    • 5.6.1. Mobile Device Risks
    • 5.6.2. Mobile Device Security Controls
  • 5.7. Internet of Things Security (IoT)
    • 5.7.1. Protecting IoT Devices

Module 6: Application Security

  • 6.1. Secure SDLC Model
  • 6.2. Separation of Development, Test, and Production Environments
  • 6.3. Application Security Testing Approaches
  • 6.4. DevSecOps
  • 6.5. Waterfall Methodology and Security
  • 6.6. Agile Methodology and Security
  • 6.7. Other Application Development Approaches
  • 6.8. Application Hardening
  • 6.9. Application Security Technologies
  • 6.10. Version Control and Patch Management
  • 6.11. Database Security
  • 6.12. Database Hardening
  • 6.13. Secure Coding Practices

Module 7: Encryption Technologies

  • 7.1. Encryption and Decryption
  • 7.2. Cryptosystems
    • 7.2.1. Blockchain
    • 7.2.2. Digital Signatures and Certificates
    • 7.2.3. PKI
    • 7.2.4. Key Management
  • 7.3. Hashing
  • 7.4. Encryption Algorithms
  • 7.5. Encryption Strategy Development
    • 7.5.1. Determining Critical Data Location and Type
    • 7.5.2. Deciding What to Encrypt
    • 7.5.3. Determining Encryption Requirements
    • 7.5.4. Selecting, Integrating, and Managing Encryption Technologies

Module 8: Virtualisation Security

  • 8.1. Virtualisation Overview
  • 8.2. Virtualisation Risks
  • 8.3. Virtualisation Security Concerns
  • 8.4. Virtualisation Security Controls
  • 8.5. Virtualisation Security Reference Model

Module 9: Cloud Computing Security

  • 9.1. Overview of Cloud Computing
  • 9.2. Security and Resiliency Cloud Services
  • 9.3. Cloud Security Concerns
  • 9.4. Cloud Security Controls
  • 9.5. Cloud Computing Protection Considerations

Module 10: Transformative Technologies

  • 10.1. Artificial Intelligence
  • 10.2. Augmented Reality
  • 10.3. Autonomous SOC
  • 10.4. Dynamic Deception
  • 10.5. Software-Defined Cybersecurity

Domain 5: Strategic Planning, Finance, Procurement and Vendor Management

Module 1: Strategic Planning

  • 1.1. Understanding the Organisation
    • 1.1.1. Understanding the Business Structure
    • 1.1.2. Determining and Aligning Business and Information Security Goals
    • 1.1.3. Identifying Key Sponsors, Stakeholders, and Influencers
    • 1.1.4. Understanding Organisational Financials
  • 1.2. Creating an Information Security Strategic Plan
    • 1.2.1. Strategic Planning Basics
    • 1.2.2. Alignment to Organisational Strategy and Goals
    • 1.2.3. Defining Tactical Short, Medium, and Long-Term Information Security Goals
    • 1.2.4. Information Security Strategy Communication
    • 1.2.5. Creating a Culture of Security

Module 2: Designing, Developing, and Maintaining an Enterprise Information Security Program

  • 2.1. Ensuring a Sound Program Foundation
  • 2.2. Architectural Views
  • 2.3. Creating Measurements and Metrics
  • 2.4. Balanced Scorecard
  • 2.5. Continuous Monitoring and Reporting Outcomes
  • 2.6. Continuous Improvement
  • 2.7. Information Technology Infrastructure Library (ITIL) Continual Service Improvement (CSI)

Module 3: Understanding the Enterprise Architecture (EA)

  • 3.1. EA Types
    • 3.1.1. The Zachman Framework
    • 3.1.2. The Open Group Architecture Framework (TOGAF)
    • 3.1.3. Sherwood Applied Business Security Architecture (SABSA)
    • 3.1.4. Federal Enterprise Architecture Framework (FEAF)

Module 4: Finance

  • 4.1. Understanding Security Program Funding
  • 4.2. Analysing, Forecasting, and Developing a Security Budget
    • 4.2.1. Resource Requirements
    • 4.2.2. Define Financial Metrics
    • 4.2.3. Technology Refresh
    • 4.2.4. New Project Funding
    • 4.2.5. Contingency Funding
  • 4.3. Managing the Information Security Budget
    • 4.3.1. Obtain Financial Resources
    • 4.3.2. Allocate Financial Resources
    • 4.3.3. Monitor and Oversight of Information Security Budget
    • 4.3.4. Report Metrics to Sponsors and Stakeholders
    • 4.3.5. Balancing the Information Security Budget

Module 5: Procurement

  • 5.1. Procurement Program Terms and Concepts
    • 5.1.1. Statement of Objectives (SOO)
    • 5.1.2. Statement of Work (SOW)
    • 5.1.3. Total Cost of Ownership (TCO)
    • 5.1.4. Request for Information (RFI)
    • 5.1.5. Request for Proposal (RFP)
    • 5.1.6. Master Service Agreement (MSA)
    • 5.1.7. Service Level Agreement (SLA)
    • 5.1.8. Terms and Conditions (T&C)
  • 5.2. Understanding the Organisation’s Procurement Program
    • 5.2.1. Internal Policies, Processes, and Requirements
    • 5.2.2. External or Regulatory Requirements
    • 5.2.3. Local Versus Global Requirements
  • 5.3. Procurement Risk Management
    • 5.3.1. Standard Contract Language

Module 6: Vendor Management

  • 6.1. Understanding the Organisation’s Acquisition Policies and Procedures
    • 6.1.1. Procurement Life Cycle
  • 6.2. Applying Cost-Benefit Analysis (CBA) During the Procurement Process
  • 6.3. Vendor Management Policies
  • 6.4. Contract Administration Policies
    • 6.4.1. Service and Contract Delivery Metrics
    • 6.4.2. Contract Delivery Reporting
    • 6.4.3. Change Requests
    • 6.4.4. Contract Renewal
    • 6.4.5. Contract Closure
  • 6.5. Delivery Assurance
    • 6.5.1. Validation of Meeting Contractual Requirements
    • 6.5.2. Formal Delivery Audits
    • 6.5.3. Periodic Random Delivery Audits
    • 6.5.4. Third-Party Attestation Services (TPRM)

Who should attend this Certified Chief Information Security Officer Certification?

This CCISO Training is tailored for experienced professionals aiming to elevate their careers by leading cybersecurity strategies at an organisational level. It's ideal for those looking to gain a comprehensive understanding of the complexities of information security management and governance. It is particularly beneficial for:

  • Chief Information Security Officers
  • IT Directors
  • Security Analysts
  • Network Architects
  • Security Architects
  • Senior IT Managers
  • Compliance Officers

Prerequisites of the Certified Chief Information Security Officer Certification

To attend the CCISO Training, delegates should meet the following prerequisites:

  • Professional Experience: Delegates must have five years of experience in three of the five CCISO Domains:
  1. Governance, Risk, Compliance
  2. Information Security Controls and Audit Management
  3. Security Program Management & Operations
  4. Information Security Core Competencies
  5. Strategic Planning, Finance, Procurement, and Third-Party Management

  • Educational Background: A bachelor's degree or higher in Information Technology, Computer Science, or a related field is highly recommended, though extensive relevant experience may substitute for formal education in some cases.

Certified Chief Information Security Officer Certification Course Overview

The role of a Chief Information Security Officer (CISO) is pivotal in shaping the cybersecurity landscape of modern enterprises. As cyber threats evolve in complexity and scale, the need for strategic and knowledgeable leadership in the field of information security has never been more critical. The CCISO Training equips professionals with the necessary skills to assume top-tier security roles within organisations.

Understanding the full scope of information security management is essential for those who protect organisations from cyber threats. The CCISO Course is designed for senior-level professionals committed to advancing their expertise in cybersecurity management, strategy, and governance. It's particularly crucial for those aspiring to leadership roles where they will dictate security policies and frameworks.

This 5-day CCISO Training provided by The Knowledge Academy offers intensive, focused instruction that prepares delegates for high-stakes roles in cybersecurity leadership. Delegates will gain insights into the latest security challenges and best practices, enhancing their strategic decision-making and leadership capabilities in information security, all condensed into an efficient one-day format.

Course Objectives

  • To deepen understanding of strategic cybersecurity leadership
  • To master governance, risk management, and compliance
  • To develop skills for managing robust security programs
  • To apply strategies in real-world scenarios
  • To prepare for senior roles and certification success

Upon completion of the CCISO Training, delegates will have acquired the strategic insights and practical tools necessary for leading complex security initiatives. They will be better positioned to influence their organisations' security strategies and contribute effectively at the highest levels of leadership.

What’s included in this Certified Chief Information Security Officer Certification?

  • Certified Chief Information Security Officer Exam
  • World-Class Training Sessions from Experienced Instructors
  • CCISO Certification
  • Digital Delegate Pack

Why choose us

Ways to take this course

Experience live, interactive learning from home with The Knowledge Academy's Online Instructor-led Certified Chief Information Security Officer Certification. Engage directly with expert instructors, mirroring the classroom schedule for a comprehensive learning journey. Enjoy the convenience of virtual learning without compromising on the quality of interaction.

Unlock your potential with The Knowledge Academy's Certified Chief Information Security Officer Certification, accessible anytime, anywhere on any device. Enjoy 90 days of online course access, extendable upon request, and benefit from the support of our expert trainers. Elevate your skills at your own pace with our Online Self-paced sessions.

Experience the most sought-after learning style with The Knowledge Academy's Certified Chief Information Security Officer Certification. Available in 490+ locations across 190+ countries, our hand-picked Classroom venues offer an invaluable human touch. Immerse yourself in a comprehensive, interactive experience with our expert-led Certified Chief Information Security Officer Certification sessions.

Highly experienced trainers

Boost your skills with our expert trainers, boasting 10+ years of real-world experience, ensuring an engaging and informative training experience

State of the art training venues

We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible

Small class sizes

Our Classroom courses with limited class sizes foster discussions and provide a personalised, interactive learning environment

Great value for money

Achieve certification without breaking the bank. Find a lower price elsewhere? We'll match it to guarantee you the best value

Streamline large-scale training requirements with The Knowledge Academy's In-house/Onsite Certified Chief Information Security Officer Certification at your business premises. Experience expert-led classroom learning from the comfort of your workplace and engage in professional development.

Tailored learning experience

Leverage benefits offered from a certification that fits your unique business or project needs

Maximise your training budget

Cut unnecessary costs and focus your entire budget on what really matters, the training.

Team building opportunity

Our Certified Chief Information Security Officer Certification offers a unique chance for your team to bond and engage in discussions, enriching the learning experience beyond traditional classroom settings

Monitor employees' progress

The course know-how will help you track and evaluate your employees' progression and performance with relative ease

What our customers are saying

Certified Chief Information Security Officer Certification FAQs

  • Please arrive at the venue at 8:45am.
  • We are able to provide support via phone and email prior to attending, during and after the course.
  • Delegate pack consisting of course notes and exercises, manual, experienced instructor, and refreshments.
  • This course is [5] day(s).
  • Once your booking has been placed and confirmed, you will receive an email which contains your course location, course overview, pre-course reading material (if required), course agenda and payment receipts.
  • The training fees for the Certified Chief Information Security Officer Certification in the United Kingdom start from £4995.
  • The Knowledge Academy is the leading global training provider for the Certified Chief Information Security Officer Certification.

Why choose us

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

Many delivery methods

Flexible delivery methods are available depending on your learning style.

High quality resources

Resources are included for a comprehensive learning experience.

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water
