CCISO Certification Course Overview
CCISO Online Training Curriculum
Governance (Policy, Legal, and Compliance)
- Defining Information Security Management and Governance Program
- Regulatory Compliance
- Legal Compliance
- Risk Management
- Define, implement, manage and maintain an information security governance program that includes leadership, organizational structures and processes.
- Establish information security management structure.
- Establish a framework
- Understand the enterprise information security and manage compliance program
- Analyze all the external laws, regulations, standards, and best practices applicable to the organization
- Understand the various provisions of the laws that affect organizational security, such as Gramm-Leach-Bliley Act, Family Educational Rights and Privacy Act, Health Insurance Portability and Accountability Act [HIPAA], Federal Information Security
- Understand the federal and organization documents to manage
IS Management Controls and Auditing Management
- Designing, deploying, and managing security controls
- Understanding security controls types and objectives
- Implementing control assurance frameworks
- Understanding the audit management process
- Design information systems controls in alignment with the operational needs and goals
- Design and implement controls to mitigate risk.
- Design and implement processes to deficiencies and evaluate problem management practices
- Assess and implement tools and techniques to automate information systems
- Produce information systems control status reports to ensure that the processes for information systems operations, maintenance and support meet the organization’s strategies
- Auditing Management
Security Program Management & Operations
- Role of the CISO and Information Security Projects
- Integration of security requirements into other operational processes such as change management, version control, disaster recovery, etc.
- Develop a clear project scope for each information systems project
- Develop, manage and monitor the individual projects.
- Identify, negotiate, acquire and manage the resources, like people and infrastructure, needed to successfully design and implement the program.
- Evaluate the project management practices
- Develop a plan to continuously measure effectiveness
- Identify stakeholders, manage stakeholders’ expectations and communicate effectively
- Ensure necessary changes and improvements to the information systems
Information Security Core Concepts
- Identify the criteria for mandatory control
- Understand the different factors that help in the implementation of access control
- Design an access control plan.
- Implement and manage alignment with the basic principles such as ID cards and biometrics
- Develop procedures to ensure systems
- Social Engineering, Phishing Attacks, Identity Theft: understand various social engineering concepts and their role in insider attacks
- Develop best practices to counter attacks
- The physical security audit and update issues should be managed properly.
- Establish security performance
- The risk mitigation and risk treatment processes should be identified
- Understand the concept of acceptable risk.
Strategic Planning, Finance, & Vendor Management
- Security Strategic Planning
- Alignment with business goals
- Risk tolerance
- Emerging security trends
- Key Performance Indicators (KPI)
- Financial Planning
- Development of business
- Analyzing, forecasting, developing a capital expense budget and an operating expense budget
CCISO Certification Prerequisites
Assets attained after completion of the course
This certification includes leadership, organizational structures and other processes like defining, implementing and managing an information security governance program. In brief, it covers:
- A program to monitor firewalls
- Identify firewall configuration issues.
- Identify vulnerability and attacks
- Manage different wireless network security tools
- Understand anti-virus systems.
- Risk factors for compliance.
- Various system-engineering practices.
- Develop and manage digital forensic program.
- Identify best bootcamps and practices to acquire, store and process digital evidence.
- Define key performance indicators
- Measure effectiveness continuously
CCISO Exam Format
| Number of Questions | 150 questions |
| Question Format | Multiple Choice |
| Passing Score | 60% to 85% depending upon exam form |
| Availability | ECC Exam Portal |
| Format | Scenario-based Multiple Choice |
Frequently Asked Questions (FAQ)
EC-Council Authorized applicants who are not attending training for this exam must have five years of experience in each of the five CCISO Domains but overlapping experience is accepted.
Valid for one year.
Along with the CCISO Exam Eligibility Application, a fee of $100 has to be submitted for the CCISO certification exam.
To apply for the CCISO Exam, applicants need to fill out the CCISO Exam Eligibility Application and then email it on official website firstname.lastname@example.org.
Candidates must satisfy the Continuing Education requirements and remit a renewal fee of $100.00 (USD) for renewing the certification.
Candidates can take the training even without the required experience, but they will not qualify to take the CCISO Exam and will not be issued an exam voucher. The EC-Council Information Security Manager (EISM) exam after CCISO training is for candidates who have not gained the required experience.