Data Breach Support

CCISO Training

Home / Security Training / Certified Chief Information Security Officer Training (CCISO)

CCISO training is designed to take your career to the next level

Who is the course aimed at?

This Chief Information Security Officer (CISO) Training Course is designed to provide IT professionals with the skills and knowledge they need to lead and manage an organisation’s Information Security programme. This CISSP Training can benefit a wide range of professionals, including:

Security Consultants
IT Security Engineers
Chief Information Security Officers (CISOs)
Network Architects
IT Consultants
Risk Managers

Course overview

The Certified Chief Information Security Officer (CCISO) Training Course is a critical pillar in cyber security. In an era marked by escalating cyber threats, the need for individuals with comprehensive knowledge of Information Security is paramount. This course equips professionals with the expertise needed to safeguard critical data, mitigate risks, and ensure that robust security measures are in place.

Learn cyber security management with this Chief Information Security Officer Training Understand incident response planning and crisis management. Gain expertise in developing and implementing comprehensive security policies.

Enrol Today
  • Recognised Certification
  • Course Duration is 3 Days
  • Multiple Course Dates
  • Course Discounts Available
  • Online Course Available
  • Highly Experienced Trainers

What is the course curriculum?

The course consists of 5 domains and 37 modules covered over a 3 day period.

Domain 1: Governance and Risk Management

Module 1: Governance

  • Introduction to Governance
  • Information Security Governance

Module 2: Information Security Management Structure

  • Introduction
  • Sizing
  • Management Structure

Module 3: Principles of Information Security

  • Principles of Information Security
  • CIA Traid
  • Security Vulnerabilities, Threats, Risks, and Exposures
  • Cyberattack Elements
  • Defence-in-depth

Module 4: Risk Management

  • Risk Management Programme
  • Approach
  • Process
  • Method
  • Best Practice Frameworks for Risk Management

Module 5: Management and Technical Information Security Elements

  • Management and Technical Information Security Elements
  • Security Programme Plan
  • Security Policies, Standards, and Guidelines
  • Asset Security
  • Identity and Access Management
  • Security Engineering
  • Security Operations
  • Software Development Security
  • Security Assessments and Testing
  • Security Training and Awareness
  • Business Continuity and Disaster Recovery

Module 6: Compliance

  • Compliance
  • Compliance Team
  • Compliance Management

Module 7: Privacy

  • Privacy
  • Privacy Impact Assessment
  • Privacy and Security

Module 8: Laws and Regulatory Drivers

  • Laws and Regulatory Drivers
  • Federal Information Security Modernisation Act
  • Defence Federal Acquisition Regulation Supplement 252.204-7012
  • Who Does DFARS 252.204-7012 Apply to?
  • How Does Compliance Impact an Organisation?
  • Clinger-Cohen Act
  • Payment Card Industry Data Security Standard
  • Who Does PCI DSS Apply to?
  • Privacy Act of 1974
  • GRAMM-LEACH-BLILEY ACT
  • Health Insurance Portability and Accountability Act
  • Family Educational Rights and Privacy Act
  • SARBANES-OXLEY ACT
  • General Data Protection Regulation

Module 9: Standards and Frameworks

  • ISO/IEC 27000 Series
  • ISO/IEC 27001
  • NIST Cybersecurity Framework
  • Federal Information Processing Standards
  • Privacy Shield
  • COBIT

Module 10: Information Security Trends and Best Practices

  • Information Security Trends and Best Practices
  • Open Web Application Security Project
  • Cloud Security Alliance
  • Centre for Internet Security

Module 11: Information Security Training and Certifications

  • International Information System Security Certification Consortium
  • ISACA
  • International Council of E-Commerce Consultants
  • Sans Institute
  • Computing Technology Industry Association
  • International Association of Privacy Professionals
  • Offensive Security

Module 12: Ethics

  • Introduction to Ethics
Domain 2: Information Security Controls, Compliance, and Audit Management

Module 13: Information Security Controls

  • Control Fundamentals
  • Control Frameworks

Module 14: Information Security Control Life Cycle

  • Information Security Control Life Cycle
  • Risk Assessment
  • Design
  • Implementation
  • Assessment
  • Monitoring

Module 15: Information Security Control Life Cycle Frameworks

  • NIST SP
  • NIST Risk Management Framework
  • NIST Cybersecurity Framework
  • ISO/IEC 27000

 

Module 16: Information Security Control Frameworks

  • Components of Exploring Information Security Control Frameworks
  • NIST SP 800-53
  • NIST Cybersecurity Framework
  • ISO/IEC 27002
  • CIS Critical Security Controls
  • CSA Cloud Controls Matrix

Module 17: Auditing for the CISO

  • Auditing for the CISO
  • Audit Management
  • Audit Process
  • Control Self-assessments
  • Continuous Auditing
  • Specific Types of Audits and Assessments
Domain 3: Security Programme Management and Operations

Module 18: Security Programme Management

  • Security Areas of Focus
  • Security Streams of Work
  • Security Projects

Module 19: Security Programme Budgets, Finance, and Cost Control

  • Establishing the Budget
  • Managing and Monitoring Spending
  • Security Programme Resource Management: Building the Security Team

Module 20: Project Management

  • Project Management Fundamentals
  • Phases of Project Management
  • Initiating
  • Planning
  • Executing
  • Monitoring and Controlling
  • Closing
Domain 4: Information Security Core Competencies

Module 21: Malicious Software and Attacks

  • Malware
  • Scripting and Vulnerability-Specific Attacks

Module 22: Social Engineering

  • Types of Social Engineering Attacks
  • Why Employees are Susceptible to Social Engineering?
  • Social Engineering Defences

Module 23: Asset Security

  • Asset Inventory and Configuration
  • Secure Configuration Baselines
  • Vulnerability Management
  • Asset Security Techniques

Module 24: Data Security

  • Data at Rest
  • Data in Transit
  • Data in Use
  • Data Life Cycle

Module 25: Identity and Access Management

  • Identity and Access Management Fundamentals
  • Identity Management Technologies
  • Authentication Factors and Mechanisms
  • Access Control Principles
  • Access Control Models
  • Access Control Administration
  • Identity and Access Management Life Cycle

Module 26: Communication and Network Security

  • WANs and LANs
  • IP Addressing
  • Network Address Translation
  • Network Protocols and Communications
  • Wireless
  • Network Technologies and Defences

Module 27: Cryptography

  • Cryptography
  • Cryptographic Definitions
  • Cryptographic Services
  • Symmetric, Asymmetric, And Hybrid Cryptosystems
  • Hash Algorithms
  • Message Authentication Codes
  • Digital Signatures
  • Public Key Infrastructure

Module 28: Cloud Security

  • Cloud Security
  • Cloud Computing Characteristics
  • Cloud Deployment Models
  • Cloud Service Models
  • Cloud Security Risks and Assurance Levels
  • Cloud Security Resources

Module 29: Physical Security

  • Making Security Decisions
  • Physical Security Threats
  • Physical Security Programme Planning
  • Physical Security Resources
  • Physical Security Controls
  • Physical Security Auditing and Measurement

Module 30: Personnel Security

  • Personnel Security
  • Software Development Security
  • Integrating Security into the SDLC
  • Security SDLC Roles and Responsibilities
  • Software Vulnerabilities
  • Secure Coding Practices
  • Software Vulnerability Analysis and Assessments

Module 31: Forensics, Incident Handling, and Investigations

  • Relevant Law
  • Logging and Monitoring
  • Incident Response and Investigations
  • Forensics and Digital Evidence

Module 32: Security Assessment and Testings

  • Introduction to Security Assessment and Testings
  • Vulnerability Assessments
  • Penetration Testing
  • Security Programme Assessments

Module 33: Business Continuity and Disaster Recovery

  • Introduction to Business Continuity and Disaster Recovery
  • Continuity Planning Initiation
  • Business Impact Analysis
  • Identify Preventive Controls
  • Develop Recovery Strategies and Solutions
  • Develop the Plan
  • Test the Plan
  • Maintain the Plan
Domain 5: Strategic Planning, Finance, Procurement, and Vendor Management

Module 34: Strategic Planning 

  • Introduction to Strategic Planning
  • Organisational Strategic Planning
  • Organisational Strategic Planning Teams
  • Strategic Planning Process
  • Security Strategic Plan

Module 35: Making Security Decisions

  • Introduction to Making Security Decisions
  • Enterprise Architecture

Module 36: Financial Management

  • Financial Management
  • Accounting and Finance Basics
  • Information Security Annual Budget

Module 37: Procurement and Vendor Management

  • Overview of Procurement and Vendor Management
  • Procurement Core Principles and Processes
  • Types of Contracts
  • Scope Agreements
  • Third-party Vendor Risk Management
Domain 6: Security Assessment and Testing

Design and Validate Assessment, Test, and Audit Strategies
Conduct Security Control Testing
Collect Security Process Data
Analyse Test Output and Generate Report
Conduct or Facilitate Security Audits

Domain 7: Security Operations

Understand and Support Investigations
Conduct Logging and Monitoring Activities
Securely Provisioning Resources
Understand and Apply Foundational Security Operations Concepts
Apply Resource Protection Techniques
Conduct Incident Management
Operate and Maintain Detective and Preventative Measures
Implement and Support Patch and Vulnerability Management
Participate in Change Management Processes
Implement Recovery Strategies
Implement disaster recovery (DR) processes
Test disaster recovery plans (DRP)
Participate in Business Continuity (BC) planning and exercises
Implement and manage physical security
Address personnel safety and security concerns

Domain 8: Software Development Security

Integrate Security in the Software Development Life Cycle (SDLC)
Identify and Apply Security Controls in Development Environments
Assess the Effectiveness of Software Security
Assess Security Impact of Acquired Software
Define and Apply Secure Coding Guidelines and Standards

auditing

What’s included?

World-Class Training Sessions from Experienced Instructors
Chief Information Security Officer Certificate
Digital Delegate Pack

Find Out More

Other Courses

CISSP Training
CISM Training
CCSP Training
CCS-PRO Training
Security Awareness Training

Certified Chief Information Security Officer (CISO) Training Course

£2495.00 + VAT

Enrol Today

Become a certified CISO

Enrol Today

WE CAN PROVIDE A DISCOUNT FOR MULTIPLE PEOPLE

We can enrol you today, you will get the course details via email

Contact Us

Contact us.

CCISO Training
First
Last
Data Protection - Please give your explicit consent for the processing of your personal data.

logo

Office Hours

We are available during UK office hours.

Call Us : +44 330 027 2161
We are open from Monday to Friday
9.00 AM - 5.00 PM

Quick Links

Services

Company Overview

Cyber Security 4 you is a trading name of Cyber21 Limited, a UK registered Limited Company.

The company provides affordable and cost-effective cyber security and data protection services and solutions.

Cyber21 Limited © Copyright 2025

Cyber Security 4 you
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.