EC-Council Certified Chief Information Security Officer

Provided by

Enquire about this course

Overview

EC-Council;s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.
Target Audience

This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems.

The C|CISO course is also suitable for those who in security management roles, including those with CISSP, CISM, CISA qualifications. C|CISO provides an opportunity to differentiate yourself in the marketplace with this outstanding security leadership certification.

Certified C|CISO;s are offered the opportunity to attend the EC Council annual C|CISO events.

C|CISO FAQ page can be found here

'I took EC-Council;s Certified CISO course to round out the executive mindset that I now need as a manager of security teams. C|CISO was one of the best courses I have taken and strengthened my views on what good leaders should be doing.'

Don Pecha, Information Security at PayPal

+

Prerequisites

Candidates interested in earning the C|CISO Certification must qualify via ECCouncil;s Exam Eligibility application before booking the C|CISO course. Only students with at least five years of experience in three of the five domains are permitted to sit for the C|CISO Exam. Any student who does not qualify to sit for the exam or who does not fill out the application will be permitted to take the EC-Council Information Security Manager (EISM) exam and earn that certification. EISMs may then apply for the CCISO Exam once they have achieved the required years of experience.

Please note - The exam eligibility form can be accessed via the link above and sent to EC Council - before attending training. The completed form can be sent to - ccisoapp@eccouncil.org .

+

Course Outline

In this course, you will learn in-depth content in each of the 5 CCISO Domains:

Domain 1

Governance (Policy,Legal and Compliance) The first Domain of the CCISO program is concerned with the following:
  • Information Security Management Program
  • Defining an Information Security Governance Program
  • Regulatory and Legal Compliance
  • Risk Management
  • IS Management Controls and Auditing Management
Domain 2

of the CCISO program, one of the cornerstones of any information security program, is concerned with the following:
  • Designing, deploying, and managing security controls
  • Understanding security controls types and objectives
  • Implementing control assurance frameworks
  • Understanding the audit management process
Domain 3

of the CCISO program covers the day-to-day responsibilities of a CISO, including:
  • The role of the CISO
  • Information Security Projects
  • Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
Domain 4

of the CCISO program covers, from an executive perspective, the technical aspects of the CISO job including:
  • Access Controls
  • Physical Security
  • Disaster Recovery and Business Continuity Planning
  • Network Security
  • Threat and Vulnerability Management
  • Application Security
  • System Security
  • Encryption
  • Vulnerability Assessments and Penetration Testing
  • Computer Forensics and Incident Response
Domain 5

of the CCISO program is concerned with the area with which many more technically inclined professionals may have the least experience, including:
  • Security Strategic Planning
  • Alignment with business goals and risk tolerance
  • Security emerging trends
  • Key Performance Indicators (KPI)
  • Financial Planning
  • Development of business cases for security
  • Analyzing, forecasting, and developing a capital expense budget
  • Analyzing, forecasting, and developing an operating expense budget
  • Return on Investment (ROI) and cost-benefit analysis
  • Vendor management
  • Integrating security requirements into the contractual agreement and procurement process
  • Taken together, these five Domains of the C|CISO program translate to a thoroughly
  • knowledgeable, competent executive information security practitioner.
EXAM

Candidates who participate in the official EC Council C|CISO training course, via QA an official EC Council training provider, must show 5 years of experience in three of the C|CISO domains to take the exam.

To earn the C|CISO, every applicant must pass the exam covering all 5 C|CISO domains, regardless of experience in each domain. The exam consists of 150 multiple-choice questions administered over a two-and-a-half-hour period. The questions on the exam require extensive thought and evaluation, covering knowledge, application and analysis.

+

Enquire

Start date Location / delivery
17 Mar 2025 QA On-Line Virtual Centre, Virtual Book now
01132207150 01132207150

Related article

The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,