Price: $3499.00

Date: TBD
Location: TBD
Sessions: 5 Sessions
Class time: 8:30AM-4:30PM
Instructional Method: Instructor Led Classroom or Live Virtual

Course Description:

The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program.

Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned through on-the-job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.

Certification Exam

  • In order to qualify to sit for the CCISO Exam without taking any training, candidates must have five years of experience in each of the 5 CCISO domains verified via the Exam Eligibility Application
  • To sit for the exam after taking training, candidates must have five years of experience in three of the five CCISO Domains verified via the Exam Eligibility Application

Course Outline: 

CCISO Domains 

Domain 1 Governance (Policy, Legal, and Compliance) 
Domain 2 IS Management Controls and Auditing Management (Projects, Technology, and Operations) 
Domain 3 Management – Projects and Operations 
Domain 4 Information Security Core Concepts 
Domain 5 Strategic Planning and Finance 

Domain 1 – Governance (Policy, Legal, and Compliance) 

The first Domain of the C|CISO program is concerned with the following: 

  • Information Security Management Program 
  • Defining an Information Security Governance Program 
  • Regulatory and Legal Compliance 
  • Risk Management 

Domain 2 – IS Management Controls and Auditing Management (Projects, Technology, and Operations) 

Domain 2 of the CCISO program, one of the cornerstones of any information security program, is concerned with the following: 

  • Designing, deploying, and managing security controls 
  • Understanding security controls types and objectives 
  • Implementing control assurance frameworks 
  • Understanding the audit management process 

Domain 3 – Management – Projects and Operations 

Domain 3 of the C|CISO program covers the day-to-day responsibilities of a CISO, including: 

  • The role of the CISO 
  • Information Security Projects 
  • Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.) 

Domain 4 – Information Security Core Competencies 

Domain 4 of the CCISO program covers, from an executive perspective, the technical aspects of the CISO job including: 

  • Access Controls 
  • Physical Security 
  • Disaster Recovery and Business Continuity Planning 
  • Network Security 
  • Threat and Vulnerability Management 
  • Application Security 
  • System Security 
  • Encryption 
  • Vulnerability Assessments and Penetration Testing 
  • Computer Forensics and Incident Response 

Domain 5 – Strategic Planning and Finance 

Domain 5 of the CCISO program is concerned with the area with which many more technically inclined professionals may have the least experience, including: 

  • Security Strategic Planning 
  • Alignment with business goals and risk tolerance 
  • Security emerging trends 
  • Key Performance Indicators (KPI) 
  • Financial Planning 
  • Development of business cases for security 
  • Analyzing, forecasting, and developing a capital expense budget 
  • Analyzing, forecasting, and developing an operating expense budget 
  • Return on Investment (ROI) and cost-benefit analysis 
  • Vendor management 
  • Integrating security requirements into the contractual agreement and procurement process 

Taken together, these five Domains of the C|CISO program translate to a thoroughly knowledgeable, competent executive information security practitioner. 

Waivers for the CCISO are available to Self Study Candidates 

1. Governance (Policy, Legal & Compliance)

  • Professional Certification Waivers: CGEIT, CRISC – 2 years
  • Education Waivers: Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years

2. IS Management Controls and Auditing Management (Projects, Technology & Operations)

  • Professional Certification Waivers: CISA, CISM – 2 years
  • Education Waivers: Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years

3. Leadership – Projects & Operations

  • Professional Certification Waivers: PMP, ITIL, PM in IT Security – 2 years
  • Education Waivers: Ph.D. Information Security – 3 years, MS Information Security or MS Project Management – 2 years, BS Information Security – 2 years

4. Information Security Core Competencies

  • Professional Certification Waivers: CISSP, LPT, E|DRP, CIPP, MBCP – 2 years
  • Education Waivers: Ph.D. Information Security – 3 years, MS Information Security – 2 years, BS Information Security – 2 years

5. Strategic Planning & Finance

  • Professional Certification Waivers: None
  • Education Waivers: CPA, MBA, M. Fin. – 3 years

Prerequisites:

None to take the course, but there are experience requirements to sit the exam. See the exam criteria above.