Certified Chief Information Security Officer Training | CCISO
Self-Paced Online Training with an Industry Certification Brought to you by Dynamic Communities Academy in partnership with the EC-Council
EC-Council’s Certified Chief Information Security Officer (CCISO) Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, formed the foundation of the program and outlined the content covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as instructors. Each segment of the program was developed with the aspiring and sitting CISO in mind and looks to transfer the knowledge of seasoned executives to the next generation of leaders in the areas that are most critical in the development and maintenance of a successful information security program.
Domain 1: Governance and Risk Management
Define, Implement, Manage, and Maintain an Information Security Governance Program
Information Security Drivers
Establishing an information security management structure
Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures
Managing an enterprise information security compliance program
Domain 2: Information Security Controls, Compliance, and Audit Management
Information Security Controls
Guidelines, Good and Best Practices
Domain 3: Security Program Management & Operations
Domain 4: Information Security Core Competencies
Cloud Computing Security
Domain 5: Strategic Planning, Finance, Procurement and Vendor Management
Designing, Developing, and Maintaining an Enterprise Information Security Program
Understanding the Enterprise Architecture (EA)
The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for a C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. The job of the CISO is far too important to be learned by trial and error. Executive level management skills are not areas that should be learned on the job.
Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many sitting and aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.
There are three cognitive levels tested on the CCISO exam but only two tested on the EISM exam:
Level 1 – Knowledge: This cognitive level of questions is used to recall memorized facts. This is the most basic cognitive level rarely accepted on certifications as it merely recognizes the candidate’s ability to memorize information. It can be effectively used when asking for basic definitions, standards or any concrete fact. This level appears on both the CCISO and EISM exam.
Level 2 – Application: This cognitive level of questions is used to identify the candidate’s ability to understand the application of a given concept. It differs from Knowledge based questions in the sense that it requires the understanding and correct applicability of a given concept – not just the concept itself. This type of question often quires additional context before the actual question is provided in the stem. This level appears on both the CCISO and EISM exam.
Level 3 – Analysis: This cognitive level of questions is used to identify the candidate’s ability to identify and resolve a problem given a series of variables and context. Analysis questions differ greatly from Application based questions in the sense that they require not only the applicability of a concept but also how a concept, given certain constrain can be used to solve a problem. This level appears on the CCISO and not on the EISM exam.
Passing Score: In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 78%.