Course Overview
EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.
The Certified CISO (CCISO) program is the first-of-its-kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.
Course Duration
5 Days (40 Hours)
Target Audience
The Certified Chief Information Security Officer (CCISO) course is designed for senior-level information security executives.
Current Chief Information Security Officers (CISOs)
Vice Presidents of Information Security / Cybersecurity
Information Security Directors / Managers
Information Technology Directors / Managers responsible for IT security
Chief Information Officers (CIOs) involved in information security governance
Senior IT professionals aspiring to be CISOs
Information Security Consultants and Advisors
Senior Information Security Auditors
Information Security Analysts / Engineers with management aspirations
IT Risk Management Professionals
IT Governance Professionals
Compliance Officers dealing with information security requirements
IT/Information Security Leaders in charge of strategic planning
Information Security Incident Responders with senior management roles
Network Architects and Planners focusing on security infrastructure
Information Security Policy Makers
Senior System and Network Administrators
Information Security Training Professionals
Senior members of IT/Information Security law enforcement agencies
Entrepreneurs looking to gain knowledge in information security management
Learning Objectives
Develop and manage an information security governance program aligning with organizational goals and compliance requirements.
Understand and apply information security management and control frameworks, standards, and best practices including ISO 27000 series and FIPS.
Design and implement a comprehensive risk management program, identifying and mitigating risks while understanding acceptable risk levels.
Establish and maintain a disaster recovery and business continuity strategy that supports organizational resilience.
Develop and oversee a strategic plan for information security, integrated with business objectives and financial planning.
Manage and audit information systems controls to ensure integrity, confidentiality, and availability of information assets.
Lead information security projects effectively, ensuring they meet organizational objectives, budget, and timelines.
Gain proficiency in core information security competencies such as access control, network defense, and encryption technologies.
Conduct vulnerability assessments and penetration testing to identify security weaknesses and oversee the implementation of corrective measures.
Oversee computer forensics and incident response, ensuring proper handling of security incidents and legal compliance.
Course Content
Domain 1: Governance (Policy, Legal & Compliance)
The first Domain of the C|CISO program is concerned with the following:
Information Security Management Program
Defining an Information Security Governance Program
Regulatory and Legal Compliance
Risk Management
Domain 2: IS Management Controls and Auditing Management
Designing, deploying, and managing security controls
Understanding security controls types and objectives
Implementing control assurance frameworks
Understanding the audit management process
Domain 3 of the C|CISO program covers the day-to-day responsibilities of a CISO, including:
The role of the CISO
Information Security Projects
Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
Domain 4 of the CCISO program covers, from an executive perspective, the technical aspects of the CISO job including:
Access Controls
Physical Security
Disaster Recovery and Business Continuity Planning
Network Security
Threat and Vulnerability Management
Application Security
System Security
Encryption
Vulnerability Assessments and Penetration Testing
Computer Forensics and Incident Response
Domain 5 of the CCISO program is concerned with the area with which many more technically inclined professionals may have the least experience, including:
Security Strategic Planning
Alignment with business goals and risk tolerance
Security emerging trends
Key Performance Indicators (KPI)
Financial Planning
Development of business cases for security
Analyzing, forecasting, and developing a capital expense budget
Analyzing, forecasting, and developing an operating expense budget
Return on Investment (ROI) and cost-benefit analysis
Vendor management
Integrating security requirements into the contractual agreement and procurement process
Prerequisites
Attendees should meet the following prerequisites:
Candidates interested in earning the C|CISO Certification must qualify via EC-Council’s Exam Eligibility application before sitting for the C|CISO Exam.
Only students with at least five years of experience in three of the five domains are permitted to sit for the C|CISO Exam. Any student who does not qualify to sit for the exam or who does not fill out the application will be permitted to take the EC-Council Information Security Manager (EISM) exam and earn that certification.
EISMs may then apply for the CCISO Exam once they have achieved the required years of experience.
Course Agenda
Day 1
Day 2
Day 3
Domain 3 of the C|CISO program covers the day-to-day responsibilities of a CISO, including:
Technical Requirement
Laptop with a minimum of 8 GB RAM
Connected Monitor for iLabs.
High-speed Internet connection, as all the labs will be accessed through EC-Council Cloud
Exam Voucher Validity
It will be valid for 12 months starting from the last day of the course.
Certification Expiry
It will be valid for 3 years.