CISM Certification: Domain 1 & 2 | Platinum Video Series
Published 7/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 2.26 GB | Duration: 4h 53m
Develop strategic expertise in cybersecurity governance and risk management with CISM Domains 1 & 2.
What you'll learn
Prepare for the CISM certification exam by mastering Domain 1 & 2
Define and establish information security strategies in alignment with business objectives.
Develop and maintain a security governance framework and supporting processes.
Ensure that information security roles and responsibilities are clearly defined and communicated.
Integrate governance into the enterprise architecture and culture to ensure consistent enforcement.
Identify and evaluate information security risks based on business impact.
Establish and maintain a risk management program that supports business continuity and compliance.
Implement risk mitigation strategies and monitor their effectiveness over time.
Requirements
A basic understanding of Information Systems, including IT infrastructure and cybersecurity principles, is desirable. This foundation helps grasp the strategic and managerial aspects of the CISM training.
Description
Welcome! This course is carefully designed to guide you through Domain 1: Information Security Governance and Domain 2: Information Security Risk Management of the CISM Certification [Certified Information Security Manager]. These two foundational domains provide the strategic insight and risk-focused mindset essential for leading in today’s complex cybersecurity landscape.
What You Will Learn
How to establish and align security governance with business objectives
Key frameworks, policies, and roles in information security governance
Building and maintaining a risk management program
In this course, we’ll explore the foundations of Domain 1 - Information Security Governance and how it aligns with organizational goals. In Domain 1 we cover:
Key governance concepts, frameworks, and strategic alignment
The role of executive leadership, steering committees, and security stakeholders
How to build and manage a security strategy and governance structure
Integration of GRC (Governance, Risk, Compliance) into security programs
The responsibilities of security roles and effective reporting practices
How to create a culture of security and ensure leadership oversight
In Domain 2, we focus on building a deep understanding of Information Security Risk Management and its role in protecting organizational assets. In Domain 2 we cover:
Core risk management concepts, including threats, vulnerabilities, and controls
How to identify, assess, evaluate, and treat information security risks
The risk management lifecycle and integration with enterprise risk frameworks
Risk analysis techniques (qualitative and quantitative) and key metrics
Security strategies such as defense in depth, zero trust, and ROSI
Roles of stakeholders, governance structures, and senior leadership involvement
Managing compliance, audits, incident response, and business continuity
Key human, organizational, and cloud-related risk considerations
Enroll now and move closer to becoming a certified security leader!
Overview
Section 1: CISM - Domain 1 - Information Security Governance
Lecture 1 GOVERNANCE CONCEPT
Lecture 2 PURPOSE OF GOVERNANCE
Lecture 3 CORE GOVERNANCE PRACTICES
Lecture 4 GOVERNANCE FRAMEWORK
Lecture 5 BOARD OF DIRECTORS’ ROLE
Lecture 6 LEADERSHIP AND STRUCTURE
Lecture 7 STRATEGIC OBJECTIVES AND ALIGNMENT
Lecture 8 ALIGNMENT EXAMPLES
Lecture 9 BENEFITS OF EFFECTIVE GOVERNANCE
Lecture 10 IMPACT OF POOR GOVERNANCE
Lecture 11 GOVERNANCE COMMITTEES: ROLE AND VALUE
Lecture 12 IT STRATEGY COMMITTEE
Lecture 13 IT STEERING COMMITTEE
Lecture 14 PROJECT STEERING COMMITTEE
Lecture 15 SECURITY STEERING COMMITTEE
Lecture 16 COMMITTEE SUMMARY
Lecture 17 ORGANIZATIONAL STRUCTURE AND GOVERNANCE
Lecture 18 REPORTING BEST PRACTICES
Lecture 19 INFORMATION SECURITY GOVERNANCE
Lecture 20 ALIGNING SECURITY WITH BUSINESS STRATEGY
Lecture 21 CRITICAL ROLE OF SENIOR MANAGEMENT
Lecture 22 INFORMATION SECURITY VS. CYBERSECURITY
Lecture 23 CORE SECURITY RESPONSIBILITIES
Lecture 24 SECURITY INTEGRATION INTO PROJECTS
Lecture 25 BUILDING A SECURITY STRATEGY
Lecture 26 SECURITY ARCHITECTURE
Lecture 27 GRC (GOVERNANCE, RISK, COMPLIANCE)
Lecture 28 INFORMATION SECURITY’S ROLE IN GRC
Lecture 29 KEY GRC ACTIVITIES
Lecture 30 MAJOR SECURITY ROLES
Lecture 31 ROLE SEPARATION AND CONFLICT OF INTEREST
Lecture 32 SECURITY MANAGER: ROLES AND RESPONSIBILITIES
Lecture 33 SECURITY ORGANIZATIONAL STRUCTURES
Lecture 34 STEERING COMMITTEES AND DECISION-MAKING PROCESS
Lecture 35 RACI MATRIX
Lecture 36 RACI BENEFITS
Lecture 37 SECURITY PROGRAM OBJECTIVES
Lecture 38 BUILDING A SECURITY PROGRAM
Lecture 39 SENIOR MANAGEMENT: APPROVAL & OVERSIGHT
Lecture 40 ROLE OF BUSINESS FUNCTIONS
Lecture 41 GAP ANALYSIS
Lecture 42 GAP ANALYSIS PROCESS
Lecture 43 COMMON GAPS IDENTIFIED
Lecture 44 STRATEGY CONSIDERATIONS
Lecture 45 GOVERNANCE RISKS AND SECURITY CULTURE
Section 2: CISM - Domain 2 - Information Security Risk Management
Lecture 46 FUNDAMENTAL CONCEPTS RECAP
Lecture 47 VULNERABILITIES: DEFINITION AND TYPES
Lecture 48 CIA TRIAD: IMPORTANCE AND THREATS
Lecture 49 VULNERABILITY MANAGEMENT
Lecture 50 COMMON ATTACK EXAMPLES
Lecture 51 DENIAL OF SERVICE (DDoS)
Lecture 52 MALWARE
Lecture 53 ADVANCED MALWARE AND INFECTION TECHNIQUES
Lecture 54 ANTI-MALWARE PROTECTION MEASURES
Lecture 55 GLOBAL SECURITY BEST PRACTICES
Lecture 56 WEB APPLICATION SECURITY: OWASP FOCUS
Lecture 57 ENTERPRISE RISK MANAGEMENT
Lecture 58 RISK MANAGEMENT CYCLE
Lecture 59 RISK TYPES
Lecture 60 RISK CAPACITY, TOLERANCE, AND APPETITE
Lecture 61 RISK IDENTIFICATION TECHNIQUES
Lecture 62 ROLES OF DATA OWNERS AND RISK OWNERS
Lecture 63 RISK ANALYSIS: KEY STEPS
Lecture 64 RISK METRICS AND INDICATORS
Lecture 65 RISK ANALYSIS: TOOLS AND TECHNIQUES
Lecture 66 RISK EVALUATION
Lecture 67 RISK TREATMENT STRATEGIES
Lecture 68 RISK REPORTING AND MONITORING
Lecture 69 REFERENCE FRAMEWORKS: NIST, ISO ..
Lecture 70 RETURN ON SECURITY INVESTMENT (ROSI)
Lecture 71 DEFENSE IN DEPTH
Lecture 72 ZERO TRUST STRATEGY
Lecture 73 INCIDENT CASE STUDIES (LESSONS LEARNED)
Lecture 74 INCIDENT RESPONSE PLAN
Lecture 75 BUSINESS CONTINUITY AND CRISIS MANAGEMENT
Lecture 76 IT GENERAL CONTROLS
Lecture 77 SENIOR MANAGEMENT INVOLVEMENT
Lecture 78 SECURITY KPI & KRI
Lecture 79 SECURITY AUDITS AND REVIEWS
Lecture 80 BUSINESS ALIGNMENT
Lecture 81 HUMAN FACTORS
Lecture 82 TRAINING RETURN ON INVESTMENT
Lecture 83 LEADERSHIP BY EXAMPLE
Lecture 84 EXTERNAL AUDIT REQUIREMENTS
Lecture 85 IMPROVEMENT PLANS
Information Security Managers, Aspiring Information Security Managers, IT Security Consultants, Security Auditors, Risk Management Professionals, IT Managers / Project Managers, Chief Information Security Officers (CISOs), Compliance Officers, IT Governance Professionals, Business Continuity and Disaster Recovery Professionals