CISM Certification Preparation Specialization

CISM Certification Preparation Specialization

Lead the Future of Cybersecurity Today.

Master Governance, Risk, Security programs, and Incident Management to pass CISM confidently.

Instructor: LearnKartS

Access provided by Universitas Indonesia

4 course series

Get in-depth knowledge of a subject

Beginner level

No prior experience required

4 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

4 course series

Get in-depth knowledge of a subject

Beginner level

No prior experience required

4 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Master Information Security Governance, Risk Management, Program Development, and Incident Management to become a strategic security leader.
Align security strategies with business goals, create risk management frameworks, and develop security programs that drive measurable business value.
Learn toidentify, assess, and mitigate risks using NIST, ISO 27005, and FAIR to protect your organization and manage risk effectively.
Lead incident response, manage recovery, and ensure business continuity with proven methods to strengthen resilience and minimize downtime.

Details to know

Shareable certificate

Add to your LinkedIn profile

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Advance your subject-matter expertise

Learn in-demand skills from university and industry experts
Master a subject or tool with hands-on projects
Develop a deep understanding of key concepts
Earn a career certificate from LearnKartS

Specialization - 4 course series

Ready to move beyond technical security and step into enterprise security leadership?

Today’s organizations don’t just need analysts — they need professionals who can govern, manage risk, build structured security programs, and lead incident response with confidence. This CISM-aligned specialization is designed to build exactly those capabilities.

Through four integrated courses, you will learn Information Security Governance, Risk Management, Program Development, and Incident Management — the key foundation of enterprise security executive leadership.

You will learn how to align security and business strategy, define accountability using RACI tracks and governance models, assess and quantify risk with methods such as ALE, FAIR, NIST, or ISO 27005 frameworks; design and execute security programs; implement defense in depth controls; govern third-party risk; and manage structured incident response/recovery/continuity plans.

Unlike other courses with a focus on theory, this specialization ties together strategy, risk, execution, and resilience into one practical, business-first framework that fits you for real leadership positions.

Excellent for aspiring CISM professionals, security managers, risk analysts, program leads, IR leaders, and governance practitioners targeting senior/executive roles.

Enroll now and build the complete skillset required to lead enterprise information security with impact.

Applied Learning Project

This CISM Certification Preparation Specialization is designed to build yourexpertisein information security governance, risk management, program development, and incident management. It teaches you how security strategies are aligned with business goals and helps you understandenterprise governance principles,as well as legal and regulatory requirements. The course covers risk identification,analysismethods like ALE and FAIR, risk evaluation, and response strategies.You’llalso master the development of security programs, including asset classification, framework implementation, and policy execution. Lastly, the program addresses incident management, disaster recovery, and response planning, preparing you for the CISM exam and real-world security management roles.

Information Security Governance

Course 1 13 hours

What you'll learn

Master theCISM frameworkandleverageits principles to drive impactful Information Security Governance across your organization.
Build a business-aligned Information Security strategy that delivers measurable value, integrates with goals, and drives enterprise success.
Define clear roles and responsibilities using RACI and governance models to ensureaccountabilityandoptimizeorganizational efficiency.
Implement advanced risk assessment techniques and performance metrics to execute and continuously improve your InfoSec strategy.

Skills you'll gain

Category: Enterprise Risk Management (ERM)

Category: Regulatory Compliance

Category: Strategic Planning

Category: Business Continuity Planning

Category: Governance

Category: Risk Management Framework

Category: Cyber Governance

Category: Law, Regulation, and Compliance

Category: Stakeholder Management

Category: Policy Development

Category: Record Keeping

Category: Business Development

Category: Security Management

Category: Contract Compliance

Category: Risk Management

Category: Compliance Management

Category: Security Strategy

Category: Security Controls

Category: Business Risk Management

Category: Performance Measurement

Information Security Risk Management

Course 2 11 hours

What you'll learn

Gain a deep understanding of Risk Management principles,includingrisk appetite,tolerance, and capacity to drive informed decision-making.
Master risk identification techniques to assess threats, vulnerabilities, and existing controls, and create comprehensive risk registers.
Learn qualitative and quantitative risk analysis methods like ALE, FAIR, and PRA to evaluate and prioritize risks effectively.
Develop risk response strategies, define ownership, & build communication frameworks to monitor, report, & mitigate risks across the organization.

Skills you'll gain

Category: Business Risk Management

Category: Enterprise Risk Management (ERM)

Category: Stakeholder Engagement

Category: Vulnerability Assessments

Category: Risk Management Framework

Category: Threat Detection

Category: Stakeholder Communications

Category: Risk Modeling

Category: Threat Management

Category: Security Controls

Category: Vulnerability Management

Category: Risk Analysis

Category: Risk Control

Category: Cyber Risk

Category: Vulnerability

Category: Risk Mitigation

Category: Risk Appetite

Category: Risk Management

Information Security Program Management

Course 3 18 hours

What you'll learn

Build and align a comprehensive Information Security Program that directly supports business goals and addresses modern security challenges.
Master industry standards and frameworks to create actionable InfoSec policies, roadmaps, and strategic execution plans for long-term success.
Identifyand classify critical assets, designlayered securitycontrols,andintegrate risk management across all stages of your program.
Develop high-impact security awareness programs, manage third-party access, and continuously evaluate and improve your InfoSec program’s performance.

Skills you'll gain

Category: Security Requirements Analysis

Category: Continuous Monitoring

Category: Asset Management

Category: Cybersecurity

Category: Security Controls

Category: Product Roadmaps

Category: Information Management

Category: Security Management

Category: IT Security Architecture

Category: Supplier Management

Category: Vendor Management

Category: Program Management

Category: Cyber Security Policies

Category: Security Strategy

Category: Compliance Management

Category: Risk Management Framework

Category: Computer Security Awareness Training

Category: Security Awareness

Category: Continuous Improvement Process

Category: Quality Management

Information Security Incident Management

Course 4 12 hours

What you'll learn

Master Incident Managementfromimportancetorecovery, equipping you with the tools to handle any crisis efficiently.
Develop and implement effective Incident Response Plans, integrating Business Impact Analysis (BIA) & Business Continuity Management (BCM) strategies
Build disaster recovery strategies, selectoptimalrecovery sites, and execute critical actions to minimize business disruption.
Gain hands-on experience with incident investigation, containment, eradication, and post-incident reviews to ensure continuous improvement.