CCISCO – Certified Chief Information Security Officer

The Certified CISO (CCISO) EC-Council program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. Each segment of the program has been developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program. It is a premier certification course for the professionals aiming to build successful information security program. The certification will give you a “big picture” knowledge required in networking role to build robust networking topologies interacting to form a secure networks. Candidates will understand the best practices required to develop secure IT networking environment and infrastructure.The CCISO certification will entitle him with the most aspiring title of being an information security professional. The certification will validate and upgrade your skills to use the devices used in CISO systems for communication.

The course covers all the exam topics including:

Domain 1: Governance (Policy, Legal & Compliance)

The first Domain of the C|CISO program is concerned with the following:

Information Security Management

Program Defining an Information Security

Governance Program 

Regulatory and Legal Compliance

Risk Management

Domain 2 -­‐ IS Management Controls and Auditing Management 

• Designing, deploying, and managing security controls 
• Understanding security controls types and objectives 
• Implementing control assurance frameworks
•  Understanding the audit management process

Domain 3 of the C|CISO program covers the day-­‐to-­‐day responsibilities of a CISO, including: 

• The role of the CISO 
• Information Security Projects 
• Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)

Domain 4 of the CCISO program covers, from an executive perspective, the technical aspects  of the CISO job including: 

• Access Controls
•  Physical Security
•  Disaster Recovery and Business Continuity Planning
•  Network Security 
• Threat and Vulnerability Management
•  Application Security 
• System Security 
• Encryption 
• Vulnerability Assessments and Penetration Testing 
• Computer Forensics and Incident Response

Domain 5 of the CCISO program is concerned with the area with which many more  technically inclined professionals may have the least experience, including:

• Security Strategic Planning
• Alignment with business goals and risk tolerance
• Security emerging trends
• Key Performance Indicators (KPI) Financial Planning
• Development of business cases for security
• Analyzing, forecasting, and developing a capital expense budget
• Analyzing, forecasting, and developing an operating expense budget
• Return on Investment (ROI) and cost-benefit analysis
• Vendor management 
• Integrating security requirements into the contractual agreement and procurement process

Taken together, these five Domains of the C|CISO program translate to a thoroughly  knowledgeable, competent executive information security practitioner.