EC-Council Certified Chief Information Security Officer (C|CISO)
In this course, students will learn in-depth content in each of the 5 CCISO Domains. The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for a C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. The job of the CISO is far too important to be learned by trial and error. Executive level management skills are not areas that should be learned on the job. Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many sitting and aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.
This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems.
The CCISO program is for executives looking to hone their skills & learn to better align their information security programs to the goals of organization as well as aspiring CISOs.
The EC-Council Certified Chief Information Security Officer (CCISO) class does not have any prerequisites to attend the course. However, to take the CCISO exam, you must meet the following requirements.
- Experience: You must have at least five years of experience in three of the five C|CISO domains.
- Application: You must submit the EC-Council's exam eligibility application. You can find the application in your online learning environment.
- Training: If you have experience in three or four of the domains, you must take a training course. If you have experience in all five domains, you do not need to take the training course.
- Define, Implement, Manage, and Maintain an Information Security Governance Program
- Information Security Drivers
- Establishing an information security management structure
- Laws/Regulations/Standards as drivers of Organizational Policy/ Standards/ Procedures
- Managing an enterprise information security compliance program
- Risk Management
- Risk mitigation, risk treatment, and acceptable risk
- Risk management frameworks
- NIST
- Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL)
- Risk management plan implementation
- Ongoing third-party risk management
- Risk management policies and processes
- Information Security Controls
- Compliance Management
- Guidelines, Good and Best Practices
- Audit Management
- Program Management
- Operations Management
- Access Controls
- Physical Security
- Network Security
- Endpoint Protection
- Application Security
- Encryption Technologies
- Virtualization Security
- Cloud Computing Security
- Transformative Technologies
- Strategic Planning
- Designing, Developing, and Maintaining an Enterprise Information Security Program
- Understanding the Enterprise Architecture (EA)
- Finance
- Procurement
- Vendor Management