Certified Information Security Manager, CISM®

• Awarded by Information Systems Audit and Control Association (ISACA)
• Designed for those who manage, design, oversee and assess an enterprise’s information security function
• Official Website: http://www.isaca.org/

• Domain 1 — Information Security Governance (17%)
• Domain 2 — Information Risk Management (20%)
• Domain 3 — Information Security Program Development and Management (33%)
• Domain 4 — Information Security Incident Management (30%)

• 21-hour intensive examination preparation workshop
• Conducted by renowned, experienced industrial expert
• Real case study will be adopted with experience sharing
• Eligible for 21 units of PDU / CPE

The Certified Information Security Manager^® (CISM^®) exam consists of 150 questions covering 4 job practice domains, all testing your knowledge and ability on real-life job practices leveraged by expert professionals.

Exam length: 4 hours (240 minutes), 150 multiple choice questions

• Pass the CISM® examination
• Five (5) or more years of experience in information security management. Experience waivers are available for a maximum of two (2) years
• After passing the exam, candidates require to pay the US$50 application processing fee
• CISM Chartered holders need to pay annual maintenance fee of US$45 for ISACA members and US$85 for ISACA non-member
• Recertification is required every three years. CISM® Charter holders are required to earn 120 Continuing Professional Education (CPE) credits every 3 years, with a minimum 20CPEs earned each year after certification
• More details: https://www.isaca.org/credentialing/cism/get-cism-certified

Mr. D. Ko, CISA, CISM, CCSP, AWS-SAA, CFA, FRM, HKICPA CPA

• Experiences in providing regulatory compliance, internal control, incident assessment and IT risk and security consultation services for numerous local and international financial institutions
• Act as Technology Risk and Assurance leader in government authority and providing regulatory and supervisory services
• Collaborating with the banking industry and other organizations (such as SFC and IA) in various technology risk management or fintech initiatives

Mr. Alan Yau

• CISSP, CISA, CISM, CGEIT, CRISC, CDPSE
• Alan is currently holding a Senior Management Role as Principal Cybersecurity Consultant and Trainer with 20+ years of experience
• Specializes in leading engagements and serving clients in Information Security, including Next Generation Security Operation Center, IT Risk Assessment, Penetration Testing and IT Audit
• Led the implementation and execution of Next Generation Security Operation Center, Security Operation Center, Infrastructure Security for Mobile Device Management, Security Exchange 2010 and Infrastructure Security for Enterprise Cloud Services
• Holds ISACA Accredited Trainer and Certified Mile2 Instructor credentials