Certified Chief Information Security Officer CCISO

In this course, you will learn in-depth content in each of the 5 CCISO Domains:
Domain 1: Governance (Policy, Legal & Compliance)

• The first Domain of the C|CISO program is concerned with the following:
• Information Security Management Program
•  Defining an Information Security Governance Program
•  Regulatory and Legal Compliance
•  Risk Management

Domain 2 -­‐ IS Management Controls and Auditing Management

•  Designing, deploying, and managing security controls
•  Understanding security controls types and objectives
•  Implementing control assurance frameworks
•  Understanding the audit management process

Domain 3 of the C|CISO program covers the day-­‐to-­‐day responsibilities of a CISO, including:

•  The role of the CISO
•  Information Security Projects
•  Integration of security requirements into other operational processes (change management, version
  control, disaster recovery, etc.)

Domain 4 of the CCISO program covers, from an executive perspective, the technical aspects  of the CISO job including:

•  Access Controls
•  Physical Security
•  Disaster Recovery and Business Continuity Planning
•  Network Security
•  Threat and Vulnerability Management
•  Application Security
•  System Security
•  Encryption
•  Vulnerability Assessments and Penetration Testing
•  Computer Forensics and Incident Response

Domain 5 of the CCISO program is concerned with the area with which many more  technically inclined professionals may have the least experience, including:

• Security Strategic Planning
• Alignment with business goals and risk tolerance
• Security emerging trends
• Key Performance Indicators (KPI)
•  Financial Planning
• Development of business cases for security
• Analyzing, forecasting, and developing a capital expense budget
• Analyzing, forecasting, and developing an operating expense budget
• Return on Investment (ROI) and cost-benefit analysis
• Vendor management
•  Integrating security requirements into the contractual agreement and procurement process

Taken together, these five Domains of the C|CISO program translate to a thoroughly  knowledgeable, competent executive information security practitioner.

This CCISO Certification Training course reviews all 5 of the comprehensive domains that were created by EC-Council for CCISO, ensuring our students successfully prepare for the CCISO certification exam while also enhancing their overall competencies in information security management.

• Domain 1: Governance
• Domain 2: Security Risk Management, Controls, and Audit Management
• Domain 3: Security Program Management and Operations
• Domain 4: Information Security Core Concepts
• Domain 5: Strategic Planning, Finance, and Vendor Management

To sit for the exam after taking training, candidates must have five years of experience in three of the five CCISO Domains verified via the Exam Eligibility Application.

1. Governance and Risk Management (Policy, Legal, and Compliance) CGEIT, CRISC 2 – years
2. Information Security Controls, Compliance, and Audit Management CISA, CISM – 2 years
3. Security Program Management & Operations PMP, ITIL, PM in IT Security – 2 years
4. Information Security Core Competencies CISSP, LPT, E|DRP – 2 years
5. Strategic Planning, Finance, Procurement, and Vendor Management