Training 2020

EC-Council’s Certified CISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, formed the foundation of the program and outlined the content covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as instructors. Each segment of the program was developed with the aspiring and sitting CISO in mind and looks to transfer the knowledge of seasoned executives to the next generation of leaders in the areas that are most critical in the development and maintenance of a successful information security program.

EC-Council CCISO Training will be held online this year! Don’t miss this opportunity to take the next step in your career and join the growing ranks of Certified CISOs.

EC-Council’s Certified CISO (CCISO) Program has been helping information security professionals take their careers to the next level since 2012. Join the ranks of infosec managers making the leap to executive infosec leadership with live CCISO Training.

There are over 1,100 organizations around the world that employ CCISOs, including the following:

DoD, DOE, DHS, GE, HP, RSA, IBM

Course Overview


The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Bringing together all the components required for C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. The job of the CISO is far too important to be learned by trial and error. Executive-level management skills are not areas that should be learned on the job.

Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many sitting and aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on-the-job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.

Course Outline

Domain 1

  • Definitions
  • Information Security Management Program
  • Information Security Laws, Regulations, & Guidelines
  • Privacy Laws

Domain 2

  • Design, Deploy, and Manage Security Controls in Alignment with Business Goals, Risk Tolerance, and Policies and Standards
  • Information Security Risk Assessment
  • Risk Treatment
  • Residual Risk
  • Risk Acceptance
  • Risk Management Feedback Loops
  • Business Goals
  • Risk Tolerance
  • Policies and Standards
  • Understanding Security Controls Types and Objectives
  • Implementing Control Assurance Frameworks
  • COBIT (Control Objectives for Information and Related Technology)
  • BAI06 Manage Changes
  • COBIT 4.1 vs. COBIT 5
  • ISO 27001/27002
  • Automate Controls
  • Understanding the Audit Management Process

Domain 3

  • The Role of the CISO
  • Information Security Projects
  • Security Operations Management

Domain 4

  • Access Controls
  • Physical Security
  • Disaster Recovery
  • Network Security
  • Threat and Vulnerability Management
  • Application Security
  • Systems Security
  • Encryption
  • Computer Forensics and Incident Response

Domain 5

  • Security Strategic Planning
  • Alignment with Business Goals and Risk Tolerance
  • Relationship between Security, Compliance, & Privacy
  • Leadership
  • Enterprise Information Security Architecture (EISA) Models, Frameworks, and Standards
  • Security Emerging Trends
  • It’s all about the Data
  • Key Performance Indicators (KPI)
  • Systems Certification and Accreditation Process
  • Resource Planning
  • Financial Planning
  • Procurement
  • Vendor Management
  • Request for Proposal (RFP) Process
  • Integrate Security Requirements into the Contractual Agreement and Procurement Process
  • Statement of Work
  • Service Level Agreements

Class Location & Details

Dates: November 9-13, 2020

Venue: Online


Early Registration: C$2,999

Late Registration: C$3,499

Course Includes:

  • Official Courseware
  • 1 Complimentary Exam voucher
  • Certificate of Attendance
  • Lunch and coffee breaks throughout the duration of the training

Minimum Requirements

In order to qualify to sit for the CCISO Exam without taking any training, candidates must have five years of experience in each of the 5 CCISO domains, verified via the Exam Eligibility Application.

To sit for the exam after taking training, candidates must have five years of experience in three of the five CCISO Domains verified via the Exam Eligibility Application.

Waivers for the CCISO are available to Self-Study Candidates

| Domain | Professional Certification Waivers | Education Waivers |
|---|---|---|
| 1. Governance and Risk Management | CGEIT, CRISC - 2 years | Ph.D. Information Security - 3 years, MS Information Security Management, MS Information Security Engineering - 2 years, BS Information Security - 2 years |
| 2. Information Security Controls, Compliance, and Audit Management | CISA, CISM - 2 years | Ph.D. Information Security - 3 years, MS Information Security Management, MS Information Security Engineering - 2 years, BS Information Security - 2 years |
| 3. Security Program Management & Operations | PMP, ITIL, PM in IT Security - 2 years | Ph.D. Information Security - 3 years, MS Information Security or MS Project Management - 2 years, BS Information Security - 2 years |
| 4. Information Security Core Competencies | CISSP, LPT, E\|DRP, CIPP, MBCP - 2 years | Ph.D. Information Security - 3 years, MS Information Security - 2 years, BS Information Security - 2 years |
| 5. Strategic Planning, Finance, Procurement, and Vendor Management | None | CPA, MBA, M. Fin. - 3 years |

To register for this course, click Buy Now.
If you are interested but still have questions, click Contact Us.