When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

CISM: Security Program Management

This course is part of Exam Prep CISM: Certified Information Security Manager Specialization

Instructor: Whizlabs Instructor

Included with

Learn more

3 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

6 hours to complete

Flexible schedule

Learn at your own pace

3 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

6 hours to complete

Flexible schedule

Learn at your own pace

What you'll learn

Construct a Strategic Program Foundation.
Develop and Enforce Governance Documentation.
Cultivate a Risk-Aware Culture and Performance Tracking.

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the Exam Prep CISM: Certified Information Security Manager Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 3 modules in this course

CISM: Security Program Management is the third course of Exam Prep CISM: Certified Information Security Manager Specialization. This course equips learners to explore the fundamental stages of designing, building, and managing a comprehensive security program while aligning technical infrastructure with organizational objectives.

The course is structured into comprehensive modules, further segmented by Lessons and Video Lectures that blend management-level theory with practical application. This course facilitates learners with approximately 2:00–2:30 hours of video content. To ensure mastery of the material, Graded and Ungraded Quizzes are provided with every module, testing the ability of learners to utilize Metrics and Monitoring for Security Programmes and deploy effective Countermeasures and Controls in real-world business scenarios. - Module 1: Program Development and Architecture - Module 2: Program Operations and Infrastructure - Module 3: Security Controls and Awareness This course is specifically designed for information security managers and leadership-track professionals who aim to bridge the gap between high-level security strategy and the practical execution of a security program, ensuring that technical frameworks, cloud architectures, and privacy regulations align with the organization's risk appetite and strategic objectives. By the end of this course, a learner will be able to: - Construct a Strategic Program Foundation - Develop and Enforce Governance Documentation. - Cultivate a Risk-Aware Culture and Performance Tracking.

Module details

Welcome to the week 1. In this week, we will begin by exploring the core Information Security Program Development Concepts and defining the specific Information Security Program Objectives that align with your business mission. You will learn to establish authority and boundaries through a clear Scope and Charter of Information Security Program Development, ensuring a solid foundation for governance. We will then transition into the selection and implementation of Information Security Framework Components designed to structure your defenses effectively. A key focus will be placed on technical design, specifically understanding Information Infrastructure and Architecture and its role in building a scalable, secure environment. Finally, we will cover the practical steps for Implementing An Information Security Program, providing a comprehensive roadmap that bridges the gap between high-level strategy and technical execution.

What's included

7 videos2 readings2 assignments

7 videosTotal 42 minutes

Development of Information Security Program7 minutes
Information Security Program Objectives4 minutes
Information Security Program Development Concepts3 minutes
Information Security Framework Components8 minutes
Implementing An Information Security Program10 minutes
Information Infrastructure and Architecture4 minutes
Information Security Program6 minutes

2 readingsTotal 25 minutes

Welcome to the Course15 minutes
Overview of Program Development and Architecture10 minutes

2 assignmentsTotal 50 minutes

Designing Frameworks and Architecture - Knowledge Check25 minutes
Program Development and Architecture - Assessment25 minutes

Welcome to Week 2. This week, we will begin by establishing the administrative foundations, focusing on the day-to-day Administration and Management of Security Programmes to ensure they remain functional and relevant. We will transition into the tactical side of security, exploring how to deliver consistent Security Program Services and Operational Activities that support the business. A key focus will be placed on the governance lifecycle, specifically understanding the development and enforcement of Policy, Standards, and Procedures to create a predictable security environment. Finally, we will cover the strategic planning and financial oversight required for long-term success, including Creating a Road Map for an Information Security Programme and managing the Budget for Security to bridge the gap between technical operations and executive requirements.

What's included

8 videos1 reading2 assignments

8 videosTotal 58 minutes

Security Program Services and Operational Activities9 minutes
Overview of Information Security Programme Management15 minutes
Program Objectives for Information Security1 minute
Components of an Information Security Framework11 minutes
Creating a Road Map for an Information Security Programme5 minutes
Policy, Standards, and Procedures3 minutes
Budget for Security2 minutes
Administration and Management of Security Programmes13 minutes

1 readingTotal 10 minutes

Overview of Program Operations and Infrastructure10 minutes

2 assignmentsTotal 50 minutes

Operationalizing Management and Administration - Knowledge Check25 minutes
Program Operations and Infrastructure - Assessment25 minutes

In this week, we will begin by exploring the complex landscape of Privacy Regulations and the unique security challenges posed by Cloud Computing, ensuring your program remains compliant and secure in the digital age. We will transition into the selection and implementation of Countermeasures and Controls designed to mitigate identified risks effectively across the enterprise. A key focus will be placed on the human element of security, specifically understanding the role of Security Education and Training in building a risk-aware culture. Finally, we will cover Metrics and Monitoring for Security Programmes to ensure that control effectiveness is continuously tracked and reported to stakeholders, providing a comprehensive Information Security Program Development and Management overview that bridges the gap between technical defense and regulatory oversight.