Certified Information Security Manager

CISM

Prepare for the globally recognized ISACA CISM certification. This course covers security governance, risk, program management, and incident response — all from a leadership lens.

Fees:

RM 9,000.00

Course duration:

4 days

Step up from security technician to strategic security leader.

Learn how to govern, build, and manage enterprise-grade security programs.

Become the trusted CISM-certified professional who speaks the language of business and security.

Course Overview

Information security management is more than just firewalls — it’s about aligning IT risk with business strategy, building effective security programs, and managing incidents across the enterprise.


This 4-day instructor-led course is designed for IT professionals preparing for the ISACA CISM (Certified Information Security Manager) exam. Covering security governance, risk management, program design, and incident response, the course blends strategy with compliance, real-world case studies, and hands-on decision-making.


You’ll gain the leadership mindset required to manage complex security operations while preparing for one of the most respected credentials in the cybersecurity industry.

Learning Objectives

  • Aligning security strategy with enterprise governance

  • Building and managing security programs

  • Performing risk assessments and treatment

  • Creating and executing incident response plans

  • Managing compliance, audit, and regulatory frameworks

  • Measuring security performance using metrics

  • Leading security teams and reporting to senior leadership

Who Should Attend

  • IT professionals moving into leadership or management roles

  • Security managers, architects, and engineers seeking certification

  • CISSP and CISA holders expanding into security program governance

  • Mid-career professionals pursuing ISACA’s CISM credential

Prerequisites

  • Minimum 5 years in information security, with at least 3 years in a management role

  • Experience waivers may apply for up to 2 years based on qualifications (per ISACA guidelines)

Course Modules

Module 1: Information Security Governance

  • Governance structures, roles, compliance, strategic planning, frameworks, and legal obligations.


Module 2: Information Security Risk Management

  • Threat landscape, vulnerability analysis, risk assessments, treatment options, and reporting.

Module 3: Security Program Development and Management

  • Program roadmaps, frameworks, integration with IT ops, stakeholder comms, and performance tracking.


Module 4: Incident Management

  • Response plans, classification, containment, forensics, disaster recovery, and continuity planning.

Professional Outcomes

This certification supports roles such as Information Security Manager, IT Risk Leader, Cybersecurity Program Director, or GRC Consultant — high-impact positions trusted with securing the enterprise.

Certification Details

Overview

As a candidate for this certification, you:

  • Align security practices with organizational strategy and compliance

  • Evaluate, design, and manage security programs and controls

  • Perform risk assessments and implement risk treatment plans

  • Lead incident response efforts including recovery and stakeholder communication

  • Operate within global standards and governance frameworks


You are expected to be proficient in:

  • Security governance, policy development, and leadership

  • Risk analysis, audit alignment, and metrics

  • Regulatory requirements and enterprise security architecture

  • Crisis communication and incident forensics


Skills Measured

  • Information Security Governance

  • Information Security Risk Management

  • Information Security Program Development & Management

  • Incident Management & Response


Certification Logistics

  • Certification Body: ISACA

  • Exam Code: CISM

  • Format: 150 multiple-choice questions

  • Duration: 4 hours

  • Passing Grade: 70%

  • Delivery: Online proctored or at PSI testing centers

Frequently Asked Questions

Is this course aligned with the latest ISACA CISM exam?

Yes. The content covers all four CISM domains as defined in the current ISACA exam outline.

Do I need security technical experience?

Management-level experience is more relevant than hands-on technical work for CISM.

Is this more strategic or hands-on?

Strategic. The course focuses on governance, risk, and leadership — not technical configurations.

Can I claim CPEs for this course?

Yes. You can apply the training hours as CPEs toward ISACA or other certifications.

Is this course HRDC claimable?

Yes. Fully HRD Corp claimable for Malaysian employers.

Can I organize this for my IT/security team?

Yes. GemRain offers private and virtual sessions for corporate training.

Do I get a certificate of attendance?

Yes.

