The CCISO focuses on the application of information security management principles from an executive management point of view. Candidates must meet experience requirements and pass a written exam. Candidates who do not yet meet the CCISO requirements can pursue the Associate CCISO program certification.

Overall learn Advanced security anytime and anywhere. We have 3 training options and we have award-winning IT courses. In turn identify and implement client side and integration technologies. Thus learn how to create and manage your own security features.

Part-Time

Fast forward your career in the IT industry with a part-time CCISO Courses South Africa at School of IT. All in all the Part-time CCISO courses that allow working professionals to transition into a new skill set while working. In turn at School of IT we are agile and can customize an IT course to the individual. Start anytime and choose your hours!

Full Time

Are you ready to start a career in IT? In turn learn about security and cyber security as a full time student at School of IT. Thus beginning your career as a Cyber Security Analyst. Start anytime and manage your own contact hours with your mentor!

High School

In addition prepare for the future by learn about advanced security for networks while you’re still in high school. Have the option to get internationally accredited and recognized before you even finish school!

Corporate

All in all upskill yourself or your company by learning about about cybersecurity while you’re working. Thus no matter where you are, you can upskill yourself and get internationally accredited and recognized in under 3 months!

CCISO Courses South Africa Outline

Domain 1: Governance and Risk Management 

Module 1: Governance

• Introduction to Governance
• Information Security Governance

Module 2: Information Security Management Structure

• Introduction
• Sizing
• Management Structure

Module 3: Principles of Information Security

• Principles of Information Security
• CIA Traid
• Security Vulnerabilities, Threats, Risks, and Exposures
• Cyberattack Elements
• Defence-in-depth

Module 4: Risk Management

• Risk Management Programme
• Approach
• Process
• Method
• Best Practice Frameworks for Risk Management

Module 5: Management and Technical Information Security Elements

• Management and Technical Information Security Elements
• Security Programme Plan
• Security Policies, Standards, and Guidelines
• Asset Security
• Identity and Access Management
• Security Engineering
• Security Operations
• Software Development Security
• Security Assessments and Testing
• Security Training and Awareness
• Business Continuity and Disaster Recovery

Module 6: Compliance

• Compliance
• Compliance Team
• Compliance Management

Module 7: Privacy

• Privacy
• Privacy Impact Assessment
• Privacy and Security

Module 8: Laws and Regulatory Drivers

• Laws and Regulatory Drivers

• Federal Information Security Modernisation Act
• Defence Federal Acquisition Regulation Supplement 252.204-7012
• Who Does DFARS 252.204-7012 Apply to?
• How Does Compliance Impact an Organisation?
• Clinger-Cohen Act
• Payment Card Industry Data Security Standard
• Who Does PCI DSS Apply to?
• Privacy Act of 1974
• GRAMM-LEACH-BLILEY ACT
• Health Insurance Portability and Accountability Act
• Family Educational Rights and Privacy Act
• SARBANES-OXLEY ACT
• General Data Protection Regulation

Module 9: Standards and Frameworks

• ISO/IEC 27000 Series
• ISO/IEC 27001
• NIST Cybersecurity Framework
• Federal Information Processing Standards
• Privacy Shield
• COBIT

Module 10: Information Security Trends and Best Practices

• Information Security Trends and Best Practices

• Open Web Application Security Project
• Cloud Security Alliance
• Centre for Internet Security

Module 11: Information Security Training and Certifications

• International Information System Security Certification Consortium
• ISACA
• International Council of E-Commerce Consultants
• Sans Institute
• Computing Technology Industry Association
• International Association of Privacy Professionals
• Offensive Security

Module 12: Ethics

• Introduction to Ethics

Domain 2: Information Security Controls, Compliance, and Audit Management

Module 13: Information Security Controls

• Control Fundamentals
• Control Frameworks

Module 14: Information Security Control Life Cycle

• Information Security Control Life Cycle
• Risk Assessment
• Design
• Implementation
• Assessment
• Monitoring

Module 15: Information Security Control Life Cycle Frameworks

• NIST SP
• NIST Risk Management Framework
• NIST Cybersecurity Framework
• ISO/IEC 27000

Module 16: Information Security Control Frameworks

• Components of Exploring Information Security Control Frameworks
• NIST SP 800-53
• NIST Cybersecurity Framework
• ISO/IEC 27002
• CIS Critical Security Controls
• CSA Cloud Controls Matrix

Module 17: Auditing for the CISO

• Auditing for the CISO
• Audit Management
• Audit Process
• Control Self-assessments
• Continuous Auditing
• Specific Types of Audits and Assessments

Domain 3: Security Programme Management and Operations

Module 18: Security Programme Management

• Security Areas of Focus
• Security Streams of Work
• Security Projects

Module 19: Security Programme Budgets, Finance, and Cost Control

• Establishing the Budget
• Managing and Monitoring Spending
• Security Programme Resource Management: Building the Security Team

Module 20: Project Management

• Project Management Fundamentals
• Phases of Project Management
• Initiating
• Planning
• Executing
• Monitoring and Controlling
• Closing

Domain 4: Information Security Core Competencies

Module 21: Malicious Software and Attacks

• Malware
• Scripting and Vulnerability-Specific Attacks

Module 22: Social Engineering

• Types of Social Engineering Attacks
• Why Employees are Susceptible to Social Engineering?
• Social Engineering Defences

Module 23: Asset Security

• Asset Inventory and Configuration
• Secure Configuration Baselines
• Vulnerability Management
• Asset Security Techniques

Module 24: Data Security

• Data at Rest
• Data in Transit
• Data in Use
• Data Life Cycle

Module 25: Identity and Access Management

• Identity and Access Management Fundamentals
• Identity Management Technologies
• Authentication Factors and Mechanisms
• Access Control Principles
• Access Control Models
• Access Control Administration
• Identity and Access Management Life Cycle

Module 26: Communication and Network Security

• WANs and LANs
• IP Addressing
• Network Address Translation
• Network Protocols and Communications
• Wireless
• Network Technologies and Defences

Module 27: Cryptography

• Cryptography
• Cryptographic Definitions
• Cryptographic Services
• Symmetric, Asymmetric, And Hybrid Cryptosystems
• Hash Algorithms
• Message Authentication Codes
• Digital Signatures
• Public Key Infrastructure

Module 28: Cloud Security

• Cloud Security
• Cloud Computing Characteristics
• Cloud Deployment Models
• Cloud Service Models
• Cloud Security Risks and Assurance Levels
• Cloud Security Resources

Module 29: Physical Security

• Making Security Decisions
• Physical Security Threats
• Physical Security Programme Planning
• Physical Security Resources
• Physical Security Controls
• Physical Security Auditing and Measurement

Module 30: Personnel Security

• Personnel Security
• Software Development Security
• Integrating Security into the SDLC
• Security SDLC Roles and Responsibilities
• Software Vulnerabilities
• Secure Coding Practices
• Software Vulnerability Analysis and Assessments

Module 31: Forensics, Incident Handling, and Investigations

• Relevant Law
• Logging and Monitoring
• Incident Response and Investigations
• Forensics and Digital Evidence

Module 32: Security Assessment and Testings

• Introduction to Security Assessment and Testings
• Vulnerability Assessments
• Penetration Testing
• Security Programme Assessments

Module 33: Business Continuity and Disaster Recovery

• Introduction to Business Continuity and Disaster Recovery
• Continuity Planning Initiation
• Business Impact Analysis
• Identify Preventive Controls
• Develop Recovery Strategies and Solutions
• Develop the Plan
• Test the Plan
• Maintain the Plan

Domain 5: Strategic Planning, Finance, Procurement, and Vendor Management

Module 34: Strategic Planning 

• Introduction to Strategic Planning
• Organisational Strategic Planning
• Organisational Strategic Planning Teams
• Strategic Planning Process
• Security Strategic Plan

Module 35: Making Security Decisions

• Introduction to Making Security Decisions
• Enterprise Architecture

Module 36: Financial Management

• Financial Management
• Accounting and Finance Basics
• Information Security Annual Budget

Module 37: Procurement and Vendor Management

• Overview of Procurement and Vendor Management
• Procurement Core Principles and Processes
• Types of Contracts
• Scope Agreements
• Third-party Vendor Risk Management

The career prospects for CCISO graduates are excellent and high in demand. Computers is everywhere: on all platforms and devices and in all countries around the world!

• Security Analyst.
• Security Engineer.
• Security Architect.
• Security Administrator.
• Security Software Developer.
• Cryptographer.
• Cryptanalyst.
• Security Consultant.