CvCISO-1 Foundation Course - April 9th through June 20th, 2024

The official curriculum for all levels of the SecurityStudio Certified virtual Chief Information Security Officer (CvCISO®) certification. SecurityStudio's CvCISO® certification sets the first universal standard for vCISO excellence.

10 weeks - 10 modules - 60 hours of instructor-led content modules - Hands-on learning - Dedicated to Information Security fundamentals - Vetted exam questions - 60 hours of extra learning materials - Official certification - 100% self-paced

This course was written by renowned information security veteran and expert Evan Francen.  Read about him here.

The certified standard for practicing and aspiring vCISOs

(But don’t take our word for it.)

5 star rating

Astoundingly Good!!!

Chris Rule

The depth and rigor of this class is not for the average student, or someone wanting to simply pay for a certification. The course material is spot-on and relevant for an experienced CISO or anyone looking to break into an Information Security ro...

Read More

The depth and rigor of this class is not for the average student, or someone wanting to simply pay for a certification. The course material is spot-on and relevant for an experienced CISO or anyone looking to break into an Information Security role. This course takes a lot of work, but you'll come away with a greater understanding and more complete skillset than from any other vCISO course available. I highly recommend this course!

Read Less

Course Description

The Certified virtual Chief Information Security Officer Course (CvCISO-1) is the intense foundational course for the SecurityStudio CvCISO® Program and is the required course for all CvCISO®  certifications.

This course covers all the basics of what a vCISO is and what a vCISO does. Students from all backgrounds and all levels of experience will benefit from this course.

Students with no information security experience will gain an understanding of what makes a vCISO successful. These students will also attain enough knowledge to pass the CvCISO-1 exam and perform as a vCISO in limited environments with assistance (See: CvCISO®  Level 1).

Students with many years information security experience will gain a better, more formalized understanding of how other (possibly more) successful vCISOs perform on the job. Students on the top end of the experience scale will attain enough knowledge to pass the exam and potentially attain the CvCISO®  Level 3 or Expert designation.


The live classes for this CvCISO-1 session are open for registration now which gives you access to the course content so you can start learning NOW

This class is a prerequisite for taking the CvCISO-1 Certification Exam. Completing the CvCISO-1 course and passing the exam earns the student the designation of “CvCISO® ”.

Classes are taught Monday, Tuesday, and Wednesday evenings from 6pm - 8pm Central Time (CT) and runs for 10 weeks. All class are taught LIVE and recorded to accommodate the occasional missed class. Recorded sessions are also available to assist students in their studies.

Course Outline

There are ten chapters in the CvCISO-1 course. Each chapter covers one or more topics that are essential to the success of a certified vCISO (CvCISO® ).

Course Length

The CvCISO-1 course runs for ten weeks and includes 30 instructor-led 2-hour sessions (60 classroom hours in total). In addition to the classroom hours, students are expected to complete an additional 60 hours of practical assignments and study (to be successful).

Course Cost

The cost of the course is $3,000/student.

The cost of the course includes the CvCISO-1 examination fee (and retakes, if necessary).

"I have learned a ton from the Security Studio CvCISO training/certification. As a Virtual CISO, I have put the fundamentals and lessons learned into real world conversations with our clients and am adding additional value to our relationships. I also have been told by my peers that my knowledge and ability to add value has increased exponentially.”
- Philip G.

Course Curriculum

Chapter 1 - Introduction to the CvCISO Program

(1 Lesson/2 Hours)

Covers everything there is to know about the SecurityStudio Certified virtual Chief Information Security Officer Program and how to be successful with it.

Chapter 2 - Information Security Fundamentals

(15 Lessons/30 Hours)

The most intense portion of the CvCISO-1 course, this chapter introduces information security fundamentals without shortcuts and builds mastery critical to vCISO success.

Chapter 3 – vCISO/Customer Relationship

(1 Lesson/2 Hours)

This chapter covers setting the appropriate expectations and communicating effectively, especially with people who don’t speak the information security language natively.

Chapter 4 - Roles and Responsibilities

(1 Lesson/2 Hours)

This chapter covers how to establish good governance, including how to determine the most important roles, assigning the roles, and establishing accountability.

Chapter 5 - Risk Assessment

(3 Lessons/6 Hours)

In previous chapters, the vCISO should have established effective communication, determined (and assigned) roles, and established responsibilities. This chapter leverages previous work to conduct a comprehensive, objective, and measurable information security risk assessment. Students will learn how to lead an information security risk assessment and use SecurityStudio's S2Org to conduct one.

NOTE: Although S2Org is used in the class, CvCISO certification is NOT dependent upon using any SecurityStudio product.

Chapter 6 - Building a Roadmap

(2 Lessons/4 Hours)

Risk assessment is only one part of the risk management process. Learning how to use a risk assessment is where skill and experience are put to the test. Risk decisions must be made and resources must be allocated to enact the decisions. This chapter teaches students how to build, communicate, and adjust information security roadmaps.

Chapter 7 - Asset Management

(2 Lessons/4 Hours)

It's only logical that we can't protect what we don't know we have. Students learn how to build and maintain effective asset management programs in this chapter.

Chapter 8 - Incident Management

(2 Lessons/4 Hours)

Information security incidents are a certainty that all information security leaders need to be prepared for. In this chapter, students will learn how to build functional incident management capabilities and integrate them into an organization seamlessly.

Chapter 9 - Third Party Information Security Risk Management (TPISRM)

(1 Lesson/2 Hours)

More than half of all information security incidents are caused directly or indirectly by third parties. In this Chapter, students will learn how to build a comprehensive third-party information security risk management program from building an inventory of third-party relationships to risk management and contract requirements.

Students will use S2Vendor to conduct third-party information security risk management activities for demonstration; however, S2Vendor-specific skills are not required for CvCISO certification.

Chapter 10 - Maintaining Progress and Transition

(2 Lessons/4 Hours)

Information security processes must be continually maintained and eventually all vCISO contracts are terminated. In this Chapter, students learn strategies to ensure that information security progress is not lost and can be maintained over the long term. Students also learn how to gracefully transition vCISO leadership from themselves to someone else.

BONUS - CvCISO-1 Examination Preparation

(1 Lesson/2 Hours)

All the content has been delivered at this point. This session is dedicated to preparing the students for their certification examination.

About SecurityStudio and the CvCISO Program

SecurityStudio is 100% dedicated to the mission of serving our community by fixing the information security industry. Fixing the information security industry requires dedication to our vision, “SIMPLIFY INFORMATION SECURITY FOR ALL” and developing solutions to unsolved problems.

SecurityStudio’s Software as a Service (SaaS) platform, known as S2, has been used by thousands of organizations and individuals to help them manage information security risk and master information security fundamentals.

The CvCISO Program is the first certification program for virtual Chief Information Security Officers (vCISOs). The program was designed by SecurityStudio to develop more and better vCISOs to serve our community’s information security needs in a more credible and standardized manner.

We hope you will join us on our mission!

For more information about SecurityStudio, visit us online at