For more information about CSM-ACE 2019, please contact: 
  • +603 8800 7999

Certified Information Security Awareness Manager (CISAM)

Date: 24 – 25 September 2019
Time: 8.30 am - 5.00 pm
Venue: Royale Chulan, Kuala Lumpur, Malaysia
Fee: Training: RM3,050.00 | Exam: RM800.00 (Fees exclude 6% SST)
Level: Certification

Certified Information Security Awareness Manager (CISAM) is a two-day hands-on training and certification programme that provides the essential know-how, enabling information security professionals to develop and manage an effective security awareness programme for their organization.

  1. Identify the “As-Is” state of your organisation’s awareness and competence levels;
  2. Understand the difference between awareness, training and education;
  3. Build and maintain a comprehensive awareness and competence programme, as part of an organisation’s information security programme;
  4. Identify awareness, training and competence needs, develop a training plan, and get organisational buy-in for the funding of awareness and competence programme efforts;
  5. Select awareness, training and competence topics; find sources of awareness and training materials;
  6. Implement awareness and training material, using various methods;
  7. Evaluate the effectiveness of the programme; understand and overcome the obstacles to success; update and improve the focus as technology and organisational priorities change; and
  8. Create an effective social engineering assessment programme.

  1. Information security officers / ISMS managers
  2. C-level executives
  3. Security auditors, risk and compliance managers
  4. Training managers / Human resource managers
  5. Anyone responsible for planning and executing security awareness

The CISAM examination is certified by the Global ACE Scheme. The examination framework is designed to align with a set of relevant Knowledge, Skills and Attitudes (KSA) that are necessary for an Information Security Awareness Manager. Candidates will be tested via a combination of continual assessment (CA), multiple choice (MC), theory/underpinning knowledge assessment (UK), practical assessment (PA), assignments (AS) and case studies (CS), as required.

Candidates can take the examination at authorized examination centres in participating scheme member countries. Candidates who have successfully passed the CISAM examination will be eligible to apply as an associate or professional member by fulfilling the membership criteria defined under the Global ACE Scheme.


  1. The difference between “awareness” and “behavior”
  2. The elements of risks and analysis on why humans are the weakest link
  3. The learning continuum: awareness, training and education

Designing an Awareness and Competence Programme

  1. Structuring an organizational awareness and training programme
  2. Conducting awareness and training needs assessment
  3. Developing an awareness and training strategy and plan
  4. Establishing priorities
  5. Setting the bar
  6. Funding the security awareness and training programme

Developing Awareness and Competence Material

  1. Developing awareness material: selecting topics and sources of awareness materials
  2. Developing training material: a model for building training courses and sources for training courses

Implementing the Awareness and Competence Programme

  1. Communicating the plan
  2. Various techniques for delivering awareness material
  3. Reinforcement of learning


  1. How to monitor compliance
  2. Evaluation and feedback
  3. Using metrics to measure the impact of the awareness programme, including how to effectively run phishing assessments
  4. Managing change

Overcome Obstacles to Success

  1. Obstacles to success
  2. Critical success factors

  • 2 x tea breaks and 1 lunch for the 2-day training
  • Exam voucher worth RM1,196