Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off

One annual plan covers every course and certificate on Coursera. 40% off for a limited time.

CISM: Security Program Management is the third course of Exam Prep CISM: Certified Information Security Manager Specialization. This course equips learners to explore the fundamental stages of designing, building, and managing a comprehensive security program while aligning technical infrastructure with organizational objectives. The course is structured into comprehensive modules, further segmented by Lessons and Video Lectures that blend management-level theory with practical application. This course facilitates learners with approximately 2:00–2:30 hours of video content. To ensure mastery of the material, Graded and Ungraded Quizzes are provided with every module, testing the ability of learners to utilize Metrics and Monitoring for Security Programmes and deploy effective Countermeasures and Controls in real-world business scenarios. - Module 1: Program Development and Architecture - Module 2: Program Operations and Infrastructure - Module 3: Security Controls and Awareness This course is specifically designed for information security managers and leadership-track professionals who aim to bridge the gap between high-level security strategy and the practical execution of a security program, ensuring that technical frameworks, cloud architectures, and privacy regulations align with the organization's risk appetite and strategic objectives. By the end of this course, a learner will be able to: - Construct a Strategic Program Foundation - Develop and Enforce Governance Documentation. - Cultivate a Risk-Aware Culture and Performance Tracking.

Syllabus

Program Development and Architecture

Welcome to the week 1. In this week, we will begin by exploring the core Information Security Program Development Concepts and defining the specific Information Security Program Objectives that align with your business mission. You will learn to establish authority and boundaries through a clear Scope and Charter of Information Security Program Development, ensuring a solid foundation for governance. We will then transition into the selection and implementation of Information Security Framework Components designed to structure your defenses effectively. A key focus will be placed on technical design, specifically understanding Information Infrastructure and Architecture and its role in building a scalable, secure environment. Finally, we will cover the practical steps for Implementing An Information Security Program, providing a comprehensive roadmap that bridges the gap between high-level strategy and technical execution.

Program Operations and Infrastructure

Welcome to Week 2. This week, we will begin by establishing the administrative foundations, focusing on the day-to-day Administration and Management of Security Programmes to ensure they remain functional and relevant. We will transition into the tactical side of security, exploring how to deliver consistent Security Program Services and Operational Activities that support the business. A key focus will be placed on the governance lifecycle, specifically understanding the development and enforcement of Policy, Standards, and Procedures to create a predictable security environment. Finally, we will cover the strategic planning and financial oversight required for long-term success, including Creating a Road Map for an Information Security Programme and managing the Budget for Security to bridge the gap between technical operations and executive requirements.

Security Controls and Awareness

In this week, we will begin by exploring the complex landscape of Privacy Regulations and the unique security challenges posed by Cloud Computing, ensuring your program remains compliant and secure in the digital age. We will transition into the selection and implementation of Countermeasures and Controls designed to mitigate identified risks effectively across the enterprise. A key focus will be placed on the human element of security, specifically understanding the role of Security Education and Training in building a risk-aware culture. Finally, we will cover Metrics and Monitoring for Security Programmes to ensure that control effectiveness is continuously tracked and reported to stakeholders, providing a comprehensive Information Security Program Development and Management overview that bridges the gap between technical defense and regulatory oversight.