What makes this specialization different from other CISM courses?

This specialization provides a comprehensive learning path, focusing not only on CISM exam content but also on real-world applications. With hands-on experience in program development, incident management, and risk assessment, you’ll be equipped to lead and execute InfoSec strategies successfully.

What career opportunities will this specialization open for me?

Upon completing the CISM Certification training specialization, you will be qualified for top positions like CISO, InfoSec Program Manager, Risk Manager, and Compliance Officer. The skills gained in this specialization will significantly increase your marketability in the cybersecurity job market.

What practical skills will I gain from this specialization?

You’ll learn to develop InfoSec programs, apply industry frameworks, assess security risks, and manage incidents. These skills are critical for CISM exam preparation and will make you proficient in leading security initiatives in real-world scenarios.

Is this course really 100% online? Do I need to attend any classes in person?

This course is completely online, so there’s no need to show up to a classroom in person. You can access your lectures, readings and assignments anytime and anywhere via the web or your mobile device.

Can I just enroll in a single course?

Yes! To get started, click the course card that interests you and enroll. You can enroll and complete the course to earn a shareable certificate. When you subscribe to a course that is part of a Specialization, you’re automatically subscribed to the full Specialization. Visit your learner dashboard to track your progress.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Can I take the course for free?

No, you cannot take this course for free. When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. If you cannot afford the fee, you can apply for financial aid.

Will I earn university credit for completing the Specialization?

This Specialization doesn't carry university credit, but some universities may choose to accept Specialization Certificates for credit. Check with your institution to learn more.

CISM Certification Preparation 专项课程

Save on skills that make you shine with 40% off 3 months of Coursera Plus. Save now

CISM Certification Preparation 专项课程

Lead the Future of Cybersecurity Today.

Master Governance, Risk, Security programs, and Incident Management to pass CISM confidently.

位教师：LearnKartS

包含在中

了解更多

4 门课程系列

深入学习学科知识

初级等级

无需具备相关经验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

4 门课程系列

深入学习学科知识

初级等级

无需具备相关经验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将学到什么

Master Information Security Governance, Risk Management, Program Development, and Incident Management to become a strategic security leader.
Align security strategies with business goals, create risk management frameworks, and develop security programs that drive measurable business value.
Learn toidentify, assess, and mitigate risks using NIST, ISO 27005, and FAIR to protect your organization and manage risk effectively.
Lead incident response, manage recovery, and ensure business continuity with proven methods to strengthen resilience and minimize downtime.

要了解的详细信息

可分享的证书

添加到您的领英档案

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

精进特定领域的专业知识

向大学和行业专家学习热门技能
借助实践项目精通一门科目或一个工具
培养对关键概念的深入理解
通过 LearnKartS 获得职业证书

专业化 - 4门课程系列

Ready to move beyond technical security and step into enterprise security leadership?

Today’s organizations don’t just need analysts — they need professionals who can govern, manage risk, build structured security programs, and lead incident response with confidence. This CISM-aligned specialization is designed to build exactly those capabilities.

Through four integrated courses, you will learn Information Security Governance, Risk Management, Program Development, and Incident Management — the key foundation of enterprise security executive leadership.

You will learn how to align security and business strategy, define accountability using RACI tracks and governance models, assess and quantify risk with methods such as ALE, FAIR, NIST, or ISO 27005 frameworks; design and execute security programs; implement defense in depth controls; govern third-party risk; and manage structured incident response/recovery/continuity plans.

Unlike other courses with a focus on theory, this specialization ties together strategy, risk, execution, and resilience into one practical, business-first framework that fits you for real leadership positions.

Excellent for aspiring CISM professionals, security managers, risk analysts, program leads, IR leaders, and governance practitioners targeting senior or executive roles.

Enroll now and step into enterprise security leadership with clarity, capability, and impact.

应用的学习项目

This CISM Certification Preparation Specialization is designed to build your expertise in information security governance, risk management, program development, and incident management. It teaches you how security strategies are aligned with business goals and helps you understand enterprise governance principles, as well as legal and regulatory requirements.

The course covers risk identification, analysis methods like ALE and FAIR, risk evaluation, and response strategies. You’ll also master the development of security programs, including asset classification, framework implementation, and policy execution. Lastly, the program addresses incident management, disaster recovery, and response planning, preparing you for the CISM exam and real-world security management roles.

Information Security Governance

第 1 门课程, 小时

您将学到什么

Master theCISM frameworkandleverageits principles to drive impactful Information Security Governance across your organization.
Build a business-aligned Information Security strategy that delivers measurable value, integrates with goals, and drives enterprise success.
Define clear roles and responsibilities using RACI and governance models to ensureaccountabilityandoptimizeorganizational efficiency.
Implement advanced risk assessment techniques and performance metrics to execute and continuously improve your InfoSec strategy.

您将获得的技能

类别：Security Strategy

类别：Cyber Security Strategy

类别：Cyber Governance

类别：Security Management

类别：Governance

类别：Enterprise Risk Management (ERM)

类别：Governance Risk Management and Compliance

类别：Risk Management

类别：Regulatory Compliance

类别：Policy Development

类别：Regulation and Legal Compliance

类别：Strategic Planning

类别：Stakeholder Management

类别：Compliance Management

类别：Risk Management Framework

类别：Performance Measurement

类别：Business Development

类别：Business Continuity Planning

类别：Contract Compliance

类别：Security Controls

Information Security Risk Management

第 2 门课程, 小时

您将学到什么

Gain a deep understanding of Risk Management principles,includingrisk appetite,tolerance, and capacity to drive informed decision-making.
Master risk identification techniques to assess threats, vulnerabilities, and existing controls, and create comprehensive risk registers.
Learn qualitative and quantitative risk analysis methods like ALE, FAIR, and PRA to evaluate and prioritize risks effectively.
Develop risk response strategies, define ownership, & build communication frameworks to monitor, report, & mitigate risks across the organization.

您将获得的技能

类别：Risk Management

类别：Risk Analysis

类别：Risk Management Framework

类别：Risk Appetite

类别：Stakeholder Communications

类别：Threat Management

类别：Risk Control

类别：Vulnerability Management

类别：Enterprise Risk Management (ERM)

类别：Threat Detection

类别：Risk Mitigation

类别：Stakeholder Engagement

类别：Business Risk Management

类别：Security Management

类别：Threat Modeling

类别：Risk Modeling

类别：Vulnerability Assessments

类别：Vulnerability

类别：Cyber Risk

类别：Security Controls

Information Security Program Management

第 3 门课程, 小时

您将学到什么

Build and align a comprehensive Information Security Program that directly supports business goals and addresses modern security challenges.
Master industry standards and frameworks to create actionable InfoSec policies, roadmaps, and strategic execution plans for long-term success.
Identifyand classify critical assets, designlayered securitycontrols,andintegrate risk management across all stages of your program.
Develop high-impact security awareness programs, manage third-party access, and continuously evaluate and improve your InfoSec program’s performance.

您将获得的技能

类别：Security Controls

类别：Security Management

类别：Program Development

类别：Computer Security Awareness Training

类别：Security Strategy

类别：Continuous Monitoring

类别：Cyber Security Policies

类别：Program Management

类别：Cyber Security Strategy

类别：Security Awareness

类别：Technology Roadmaps

类别：Continuous Improvement Process

类别：Information Management

类别：Cybersecurity

类别：IT Security Architecture

类别：Enterprise Security

类别：Quality Management

类别：IT Management

类别：Vendor Management

类别：Asset Management

Information Security Incident Management

第 4 门课程, 小时

您将学到什么

Master Incident Managementfromimportancetorecovery, equipping you with the tools to handle any crisis efficiently.
Develop and implement effective Incident Response Plans, integrating Business Impact Analysis (BIA) & Business Continuity Management (BCM) strategies
Build disaster recovery strategies, selectoptimalrecovery sites, and execute critical actions to minimize business disruption.
Gain hands-on experience with incident investigation, containment, eradication, and post-incident reviews to ensure continuous improvement.

您将获得的技能

类别：Incident Response

类别：Incident Management

类别：Disaster Recovery

类别：Business Continuity Planning

类别：Computer Security Incident Management

类别：Business Continuity

类别：Investigation

类别：Digital Forensics

类别：Risk Mitigation

类别：Threat Management

类别：Legal Risk

类别：Team Management

类别：Gap Analysis

类别：Security Management

类别：Governance Risk Management and Compliance

类别：Performance Improvement

类别：Continuous Improvement Process

类别：Crisis Management

获得职业证书

将此证书添加到您的 LinkedIn 个人资料、简历或履历中。在社交媒体和绩效考核中分享。

位教师

LearnKartS

160 门课程205,810 名学生

提供方

LearnKartS

人们为什么选择 Coursera 来帮助自己实现职业发展

Felipe M.

自 2018开始学习的学生

''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情，我就可以学习。'

Jennifer J.

自 2020开始学习的学生

''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'

Larry W.

自 2021开始学习的学生

''如果我的大学不提供我需要的主题课程，Coursera 便是最好的去处之一。'

Chaitanya A.

''学习不仅仅是在工作中做的更好：它远不止于此。Coursera 让我无限制地学习。'

通过 Coursera Plus 开启新生涯

无限制访问 10,000+ 世界一流的课程、实践项目和就业就绪证书课程 - 所有这些都包含在您的订阅中

了解更多

通过在线学位推动您的职业生涯

获取世界一流大学的学位 - 100% 在线

探索学位

加入超过 3400 家选择 Coursera for Business 的全球公司

提升员工的技能，使其在数字经济中脱颖而出

了解更多

常见问题

Yes! This specialization begins with some introductory information security management concepts before moving on to more advanced topics. It's not only made for newcomers to information security, but also veterans who want to earn their CISM certification.

The CISM exam assesses your ability to plan, design, and evaluate information security programs. The specialization focuses on the CISM domains, giving you the necessary knowledge in governance, risk management, incident response, and program management so that you can be confident when taking your exam.

This specialization is ideal for information security professionals, IT managers, and risk managers who wish to enhance their skills and earn the CISM certification. It’s also perfect for anyone looking to step into a leadership role in cybersecurity and information security management.