Cart 0

EC-Council Certified CISO Training CCISO v3
Course 2026
5 DAY COURSE

Course Outline

The Certified CISO (CCISO) EC-Council program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on applying information security management principles from an executive management point of view. Each segment of the program has been developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the most critical areas in developing and maintaining a successful information security program.

U.S. DoDM 8140.03
APPROVED BY DEPARTMENT OF DEFENSE

EC-Council Certified CISO Training CCISO v3 Benefits

  • In this CISO training, you will learn how to:

    • Prepare for the CCISO exam.
    • Navigate the day-to-day responsibilities of a CISO.
    • Consider the technical aspects of the CISO role from an executive perspective.
    • Plan security and financial strategies.
    • Align CISO tasks with business goals and risk tolerance.

  • Prerequisites

    Five years of IS management experience in each of the 5 CCISO domains verified via the Exam Eligibility Application

  • Certification Information

    In order to sit the exam, you must have five years of IS management experience in each of the 5 CCISO domains.

    Once the application has been approved, instructions for purchasing a Pearson VUE voucher will be issued. Applicants who do not meet these requirements can sit for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.

    This is an EC-Council certification prep course. Click here to view more EC-Council certification prep training ›

CCISO Certification Course Information

Domain 1: Governance (Policy, Legal, and Compliance)

  • Information Security Management Program
  • Defining an Information Security Governance Program
  • Regulatory and Legal Compliance
  • Risk Management

Domain 2: IS Management Controls and Auditing Management

  • Designing, deploying, and managing security controls
  • Understanding security controls types and objectives
  • Implementing control assurance frameworks
  • Understanding the audit management process

Domain 3: Security Program Management & Operations

  • The role of the CISO
  • Information Security Projects
  • Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)

Domain 4: Information Security Core Concepts

  • Access Controls
  • Physical Security
  • Disaster Recovery and Business Continuity Planning
  • Network Security
  • Threat and Vulnerability Management
  • Application Security
  • System Security
  • Encryption
  • Vulnerability Assessments and Penetration Testing
  • Computer Forensics and Incident Response

Domain 5: Strategic Planning, Finance, & Vendor Management

  • Security Strategic Planning
  • Alignment with business goals and risk tolerance
  • Security emerging trends
  • Key Performance Indicators (KPI)
  • Financial Planning
  • Development of business cases for security
  • Analyzing, forecasting, and developing a capital expense budget
  • Analyzing, forecasting, and developing an operating expense budget
  • Return on Investment (ROI) and cost-benefit analysis
  • Vendor management
  • Integrating security requirements into the contractual agreement and procurement process
Course Dates
Attendance Method
Note about the Certification Exam

The exam is not included in the tuition. DIR will cover the cost if you choose to take the exam. When you register for the course, you will be prompted to choose Y/N to take the exam. Please be advised that if you do choose to take the exam, the Certification Organization has agreed to provide DIR the pass/fail status of your exam. DIR will only share this information in an aggregated report to state leadership that reflects total exam pass or fails. No individual names of any students will be included in any reports.

If you wish to pursue certification, DIR requires that you submit the request within one month of the last day of your course to request your exam voucher. DIR requires that you take your exam within six months of the last day of your course.

Additional comments or questions (optional)

Private Team Training

Interested in courses outside the scope of the DIR InfoSec Academy? Your organization has the option to purchase additional courses for your team through our DIR IT training contract DIR-TSO-4006