• Online, Self-Paced
Course Description

Security incidents can have a huge cost factor on an organization. Examine incident logging, analyzing, and documenting, as well as techniques for responding to and recovering from information security incidents.

Learning Objectives

CISM: Information Security Incident Management Part 2

  • describe incident reporting requirements and procedures
  • define post-incident review practices and investigations
  • quantify damages, costs and business impacts
  • detect, log, analyze and document events
  • classify resources for investigation of incidents
  • identify impact of changes to the environment
  • know techniques to test the incident response plan
  • specify regulatory, legal and organization requirements
  • define KPIs and metrics to evaluate the response plan
  • define InfoSec security management

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.