Duration: 5 Days
Course Overview
The Certified CISO (CCISO) EC-Council program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on applying information security management principles from an executive management point of view. Each segment of the program has been developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the most critical areas in developing and maintaining a successful information security program.
U.S. DoDM 8140.03
APPROVED BY DEPARTMENT OF DEFENSE
COURSE OBJECTIVES
In this CISO training, you will learn how to:
• Prepare for the CCISO exam.
• Navigate the day-to-day responsibilities of a CISO.
• Consider the technical aspects of the CISO role from an executive perspective.
• Plan security and financial strategies.
• Align CISO tasks with business goals and risk tolerance.
Course Content
EC-Council Certified CISO Training CCISO v3:
Domain 1: Governance (Policy, Legal, and Compliance)
• Information Security Management Program
• Defining an Information Security Governance Program
• Regulatory and Legal Compliance
• Risk Management
Domain 2: IS Management Controls and Auditing Management
• Designing, deploying, and managing security controls
• Understanding security controls types and objectives
• Implementing control assurance frameworks
• Understanding the audit management process
Domain 3: Security Program Management & Operations
• The role of the CISO
• Information Security Projects
• Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
Domain 4: Information Security Core Concepts
• Access Controls
• Physical Security
• Disaster Recovery and Business Continuity Planning
• Network Security
• Threat and Vulnerability Management
• Application Security
• System Security
• Encryption
• Vulnerability Assessments and Penetration Testing
• Computer Forensics and Incident Response
Domain 5: Strategic Planning, Finance, & Vendor Management
• Security Strategic Planning
• Alignment with business goals and risk tolerance
• Security emerging trends
• Key Performance Indicators (KPI)
• Financial Planning
• Development of business cases for security
• Analyzing, forecasting, and developing a capital expense budget
• Analyzing, forecasting, and developing an operating expense budget
• Return on Investment (ROI) and cost-benefit analysis
• Vendor management
• Integrating security requirements into the contractual agreement and procurement process
COURSE PREREQUISITES
Five years of IS management experience in each of the 5 CCISO domains verified via the Exam Eligibility Application: https://ciso.eccouncil.org/contact/
TEST CERTIFICATION
In order to sit the exam, you must have five years of IS management experience in each of the 5 CCISO domains.
Once the application has been approved, instructions for purchasing a Pearson VUE voucher will be issued. Applicants who do not meet these requirements can sit for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.
This is an EC-Council certification prep course.