CISM Review Manual 2011

Newly updated, the CISM Review Manual 2011 is a comprehensive reference guide designed to assist individuals in preparing for the CISM exam and individuals who wish to understand the roles and responsibilities of an information security manager. The manual has been continually enhanced over the past six editions and is a current, comprehensive, peer-reviewed information security management global resource.

The 2011 edition assists candidates study and understand essential concepts in the following job practice areas:

• Information security governance
• Inforamtion risk management
• Information security program development
• Information security program management
• Incident management and response

The CISM Review Manual 2011 retains the easy-to-navigate format first introduced in 2010. Each of the book's five chapters has been divided into two sections for focused study. The first section contains the definitions and objectives for the five areas, with the corresponding tasks and knowledge statements that are tested on the exam.

Section one of each chapter is an overview that provides:

• Definitions for the five areas
• Objectives for each area
• Descriptions of the tasks
• A map of the relationship of each task to the knowledge statements
• A reference guide for the knowledge statements, including the relevant concepts and explanations
• References to specific content in section two for each knowledge statement
• Sample practice questions and explanations of the answers
• Suggested resources for further study

Section two of each chapter consists of reference material and content that support the knowledge statements. The material enchances CISM candidates' knowledge and/or understanding when preparing for the CISM certification exam. Also included are definitions of terms most commonly found on the exam

This manual is effective as a stand-alone document for individual study and as a guide or reference for study groups and chapters conducting local review courses. It is also a primary reference resource for information security managers seeking global guidance on effective approaches to governance, risk management, program development, management and incident response.