The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. The CCISO program is a first-of-its-kind training and certification course that aims to produce cybersecurity executives of the highest caliber and ethics. Through the CCISO program, EC-Council will transfer the knowledge of experienced professionals to you, the next generation of leadership, by focusing on the most critical competencies required to develop and maintain a successful information security portfolio.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

Please refer to course overview

  • Domain 1 - Governance

    • Define, Implement, Manage, and Maintain an Information Security Governance Program
    • Information Security Drivers
    • Establishing an information security management structure
    • Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures
    • Managing an enterprise information security compliance program
    • Risk Management 
    • Risk mitigation, risk treatment, and acceptable risk
    • Risk management frameworks
    • NIST
    • Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL)
    • Risk management plan implementation
    • Ongoing third-party risk management
    • Risk management policies and processes
    • Conclusion

  • Domain 2 - Security Risk Management, Controls, & Audit Management

    • Information Security Controls
    • Compliance Management
    • Guidelines, Good and Best Practices
    • Audit Management
    • Summary

  • Domain 3 - Security Program Management and Operations

    • Program Management
    • Operations Management

  • Domain 4 - Information Security Core Concepts

    • Access Control
    • Physical Security
    • Network Security
    • Endpoint Protection
    • Application Security
    • Encryption Technologies
    • Virtualization Security
    • Cloud Computing Security
    • Transformative Technologies

  • Domain 5 - Strategic Planning, Finance, Procurement and Vendor Management

    • Strategic Planning
    • Designing, Developing, and Maintaining an Enterprise Information Security Program 
    • Understanding the Enterprise Architecture (EA) 
    • Finance
    • Procurement
    • Vendor Management
    • Summary


This course is designed for aspiring or sitting upper-level managers striving to advance their careers by learning to apply their existing deep technical knowledge to business problems.




Candidates interested in earning the C|CISO Certification must qualify via EC-Council’s Exam Eligibility application before sitting for the C|CISO Exam. Only students with at least five years of experience in three of the five domains are permitted to sit for the C|CISO Exam. Any student who does not qualify to sit for the exam or who does not fill out the application will be permitted to take the EC-Council Information Security Manager (EISM) exam and earn that certification. EISMs may then apply for the CCISO Exam once they have achieved the required years of experience.


Length: 4.0 days (32 hours)



Course Schedule:

9:00 AM ET - 5:00 PM ET