Domain 4: Information Security Incident Management Course

Course 4 covers ISACA CISM Domain 4, including principles of information security incident management.

4 hours, 45 minutes

Course description

CISM Domain 4 covers topics related to information security incident management, such as creating incident management and response plans; identifying and classifying incidents; tools and techniques for incident management; incident investigation, evaluation, containment and communication; incident eradication, recovery and review; business impacts and continuity; disaster recovery planning; and training, testing and evaluation of the incident response plan.


Domain 4: Information security incident management supplemental materials

File - 00:15:00

The supplemental materials for Domain 4 include documents with key terms, definitions, and other materials that will help students prepare for the ISACA CISM exam.
Domain 4: Information security incident management participant guide

File - 00:15:00

This participant guide includes the various slides that the instructor went over in the videos for Domain 4 so that participants can review the main ideas, as well as relevant charts, graphics, questions and activities.
Domain 4: Information security incident management course summary

Video - 00:03:00

A short summary of Domain 4, reviewing the main areas of focus related to information security incident management discussed in the preceding videos.
Training, testing and evaluation

Video - 00:45:00

This video details best practices for incident management training, the responsibilities of the IS manager in emergency response situations, measuring incident management program effectiveness, and more.
Disaster recovery planning

Video - 00:20:00

This chapter outlines steps an information security manager may need to take to recover and restore information systems and critical business processes after events such as security breaches, system failures, or natural disasters.
Business impact and continuity

Video - 00:38:00

In this video, the focus is on how to determine the business impacts an incident might have and protecting critical assets, information, systems, and processes by using tools such as a business impact analysis (BIA) and business continuity plan (BCP).
Incident eradication, recovery and review

Video - 00:20:00

This video describes the steps taken if an incident occurs, including determining the source of the incident and correcting it, recovering impacted systems, reviewing how and why the incident occurred to improve processes and deter future vulnerabilities, and legal or regulatory requirements for forensic evidence.
Incident investigation, evaluation, containment and communication

Video - 00:13:00

In this video, the instructor defines the differences between events and incidents and how to investigate, evaluate, contain and communicate about them.
Incident management operations, tools and technologies

Video - 00:27:00

This video covers the role of the information security manager in staying aware of how the security landscape is impacted by ever-changing online tools and technologies, the roles and responsibilities of the incident response team (IRT), and more.
Incident classification/categorization

Video - 00:11:00

Because not all incidents can be avoided and resources are not unlimited, this video illustrates ways in which incidents can be classified and categorized to make sure that the highest priority incidents are handled quickly and efficiently.
Incident management and response plans

Video - 00:47:00

This video defines an effective incident response plan (IRP), in which incidents are identified, detected, recorded and managed to limit impacts, policies and standards are well-defined and met, adequate resources are provided, and more.
Incident management and incident response overview

Video - 00:26:00

In this video, the instructor goes over the wide variety of information security events and incidents that could impact an enterprise and the differences between incident response and incident management, and the details of an incident management plan (IMP)..
Introduction to Domain 4: Information security incident management

Video - 00:04:00

The instructor provides a brief introduction to the learning objectives and an outline of the materials covered by the videos for Domain 4, which is weighted at 30% of the exam.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust