The qualification of "Certified Information Security Officer" (CISM in English) refers to the personnel engaged in information security work in information security enterprises, information security consulting services, information security evaluation and certification institutions (including authorized evaluation institutions), social organizations, organizations, universities, enterprises and institutions, and technical departments (including standardization departments) related to information system (network) construction, operation and application management. Obtaining this registration qualification shows that they have the qualifications and abilities of information security officers and have passed the certification of China Information Security Product Evaluation and Certification Center.
Second, the scope of CISM qualification registration
CISM qualification registration is applicable to the following persons:
L network security technician
L IT or security consultant
L IT or security management personnel
Information technology auditor
L college students
People who have studied and studied information security technology.
L Information workers in institutions, enterprises and institutions
Three. CISM knowledge system
The knowledge system of "Certified Information Security Officer" covers the fields of information security guarantee foundation, information security technology, information security management, information security engineering and information security standards and regulations. "Registered Information Security Officer" training will provide students with comprehensive, systematic and professional basic knowledge and skills learning; In the technical field, students will be able to master and improve the knowledge and ability of operating system security, firewall, anti-virus, intrusion detection, password technology and application; In the field of management, students will be able to understand the basic knowledge of information security management and governance, and learn and establish the relevant knowledge and practical ability required by national policy requirements, risk assessment, disaster recovery and emergency response; In the field of engineering, students will be able to learn and understand the practice and experience of information security engineering management, consultation and supervision; In the field of standards and laws and regulations, students will be able to fully understand the laws and regulations related to national information security, as well as the standards and practical experience related to information security at home and abroad.