
Summary CISM Notes

380 Flashcards & Notes

A snapshot of the summary - CISM Notes

  • 1 GOVERNANCE

  • 1.0.2 Priorities for the CISM p1

  • Difference between accountability and responsibility
    A: ultimate control/legally liable R: contributions to end result
  • 1.0.6 Evaluating the security environment


  • Difference between auditing and testing

    A: compliance
    T: efficiency
  • SEIM stands for (SEM, SIM)
    Security Event and Incident Monitoring
  • 1.0.7 The information security program


  • ISO 27001 PDCA Cycle entails:
    Plan - Do - Check - Act
  • Which key areas of IS are measured with a balanced scorecard?
    1. Financial metrics
    2. Customer metrics
    3. Internal process measures
    4. Measures of learning and growth
  • 1.0.8 Information security strategy

  • What is the goal of information security?
    To protect the organization's assets, individuals, mission and vision
  • How is the goal of information security achieved (3 areas)?
    1. Asset identification
    2. Classification
    3. Application of controls
  • What does an ISRM strategy provide?
    It provides an organization with a roadmap for information and information infrastructure protection with goals and objectives that ensure capabilities provided are aligned to business goals and the organization's risk profile.

  • What do long-term objectives describe?
    "Desired state"
  • 1.0.9 Roles and responsibilities

  • Executive management is responsible for:
    • Implementing effective governance
    • Defining strategic security objectives
    • Budget and support
    • Monitoring regulatory compliance