Permanent link: [Article]-Course Review: Path to the ISAM
Course Review by Wardell Motley
I recently had the opportunity to travel to Colorado Springs, Co. and took the Information Security Assessment Methodology (ISAM) course by Security Horizon. The ISAM, which was formerly the NSA-IAM\IEM, course has now been merged into a combined 3-day, 24-hour course.
The ISAM was created by examining the processes and techniques implemented within the information security community by seasoned assessors from both industry and government sectors. The purpose of the ISAM is to provide a detailed systematic standard for the community to perform an information security assessment by thoroughly examining cyber vulnerabilities. Unlike other courses, the ISAM concentrates heavily on the actual methods and processes of an assessment and is not a tool-based or theory-heavy course.
Although no class can teach the fundamentals or give the experience of being able to communicate effectively with the target audience, the ISAM provides a roadmap on how to deal with flaky answers from executives and scared employees that fear their answers may end up putting them out of a job.