Increase your earning potential and advance your career

This five-day course provides intensive revision for the challenging CISM exam, moving you closer to achieving the known benefits of CISM certification such as higher earning potential and career advancement. With a growing demand for people with Information Security Management (ISM) skills, CISM has become a leading international IS certification designed for those who manage, design, oversee or assess an organization's information security.

"The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services." (ISACA)

Who should attend this course?

  • Risk managers.
  • Security professionals with front-line experience.
  • Security auditors.
  • Information security staff.
  • Compliance personnel.
  • Information security managers.
  • CSOs, CISOs and CIOs.
  • Information security assurance providers.

What will you learn?

Complete Preparation for the CISM exam

This course provides the core CISM competencies required by professionals planning to sit the CISM exam, and prepares you for the exam in a systematic and comprehensive way.

Please note: the CISM exam is not taken during this training course. It needs to be booked directly with ISACA. There are strict booking dates for the exam, with an advance registration deadline approximately two months before each course start date. Please visit http://www.isaca.org/Certification/ to download the candidate guide and book the exam.

What You will Learn

The training programme covers the four CISM job practice domains:

  • Domain 1 - Information Security Governance
  • Domain 2 - Information Risk Management and Compliance
  • Domain 3 - Information Security Program Development and Management
  • Domain 4 - Information Security Incident Management

(50 questions will be discussed at the end of each domain)


Thilak Pathirage: MBA(Sri j) BCOM(spl) CISSP CISA CISM CGEIT CRISC CBCP ITILV3 ISO27K(LA) FIB- Former AGM-OpRisk & Information Risk Management. Seylan Bank. To read his full profile:

Date Commencement: Request for date

Course Duration: 8 Saturdays

Venue: ITGRC Training Center

Course price: Rs 50,000/=

What's included in the course?

  • Lunch and refreshments.
  • Full course materials.
  • Certificate of attendance.
  • 1000 questions with online support.


CISM Review Manual

A copy of the current CISM Review Manual is essential for any exam candidate. Unless you already have your own copy, you have the option to purchase it from the ISACA book store. https://www.isaca.org/bookstore/

The CISM exam

The CISM examination uses a multiple-choice format and consists of a 4-hour paper. The examination tests the candidate's knowledge of Information System audit principles and practices, as well as technical content areas. Our experience shows that delegates have the highest chance of success if they sit the exam approximately 2 weeks after completing our training course. Get started today by registering for an exam.

Additional information

This course is non-residential, but we can help you to find a hotel close to the training venue. To take advantage of this offer, drop us an email after you book your course.

Prepare for CISM success: book your training with us!

Information Security Governance

  • Effective IS governance.
  • Scope and charter of IS governance.
  • IS Governance metrics.
  • Developing an IS strategy.
  • Strategy resources and constraints.

Information Risk Management and Compliance

  • Risk management strategy and management.
  • Implementing risk management.
  • Risk assessment and analysis methodologies.
  • Controls and countermeasures.
  • RTO and RPO.
  • Security control baselines.

Information Security Program Development

  • IS manager.
  • IS program development objectives and road map.
  • IS program resources.
  • Implementing an IS program.
  • Physical and environmental controls.
  • IS program integration and metrics.

Information Security Program Management

  • IS management framework.
  • Measuring IS management performance.
  • Common IS management challenges.
  • IS management resources and considerations.
  • Implementing management of the IS program.

Incident management and response

  • Incident management concepts.
  • Incident management metrics and indicators.
  • Defining incident management procedures.
  • Incident response capability.
  • Developing an incident response plan.
  • Developing/testing response and recovery plans.
  • Documenting events.


The Swirl logo™ is a trade mark of AXELOS Limited.
ITIL® is a registered trade mark of AXELOS Limited.
PRINCE2® is a Registered Trade Mark of AXELOS Limited.
COBIT® is a trademark of ISACA® registered in the United States and other countries.
CISM, CRISC, CGEIT and CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute.
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)²).