加入 Systematic Facebook 擁躉群  

這個頁面上的內容需要較新版本的 Adobe Flash Player。

取得 Adobe Flash Player


想定期知道最新課程及優惠嗎?
免費訂閱本中心的課程通訊!

課堂錄影隨時睇 10 大優點之視像清晰:使用 LCD 闊螢幕來播放視像,可同時清楚觀看導師動作表情、白板上的圖畫文字、全螢幕的電腦實習畫面!

CISM 國際認可證書課程

  • 課程時間
  • 課程簡介
  • 課程特點
  • 考試須知
  • 課程內容

課程優惠!現凡同時報讀以下兩個課程:
即減 $420!

推介服務:課堂錄影隨時睇
編號 地點 可預約星期及時間 學費低至 85 折  
PP1812MV 旺角 一至五:11:30 - 22:30   六及日:10:30 - 21:30   (公眾假期休息) 95 折後只需 $2,261 按此報名
PP1812OV 觀塘 一至五:13:30 - 22:00   六及日:12:30 - 21:00   (星期三及公眾假期休息) 9 折後只需 $2,142 按此報名
PP1812PV 北角 一至五:13:30 - 22:00   六及日:12:30 - 21:00   (星期三及公眾假期休息) 9 折後只需 $2,142 按此報名
PP1812SV 沙田 一至五:13:30 - 22:00   六及日:12:30 - 21:00   (星期三及公眾假期休息) 85 折後只需 $2,023 按此報名
PP1812YV 屯門 一至五:13:30 - 22:00   六及日:12:30 - 21:00   (星期三及公眾假期休息) 85 折後只需 $2,023 按此報名
* 各政府部門可使用 P Card 付款  
免費試睇: 首 1 小時,請致電與本中心職員預約。 查看各地點電話
旺角 2332-6544
觀塘 3563-8425
北角 3580-1893
沙田 2151-9360
屯門 3523-1560
免費重睇: 學員可於享用時期內於報讀地點不限次數地重看課堂錄影,從而可反覆重溫整個課程!
導師解答: 學員可於觀看某一課堂錄影後提出課堂直接相關的問題,課程導師會樂意為學員以單對單的形式解答!
課時: 12 小時
享用時期: 報讀日至 4 星期內,進度由您控制,可快可慢。
課堂錄影導師: Franco (任教課程清單)
課堂錄影隨時睇: 詳情及示範片段


地區 地址 電話 教育局註冊編號
旺角 九龍旺角亞皆老街 109 號,皆旺商業大廈 18 樓 2332-6544 533459
觀塘 九龍觀塘成業街 7 號寧晉中心 12 樓 G2 室 3563-8425 588571
北角 香港北角馬寶道 41-47 號華寶商業大廈 3 樓 01-02 號舖 3580-1893 591262
沙田 新界沙田石門安群街 3 號京瑞廣場 1 期 10 樓 M 室 2151-9360 604488
屯門 新界屯門屯喜路 2 號屯門柏麗廣場 17 樓 1708 室 3523-1560 592552
注意! 客戶必須查問報讀學校的教育局註冊編號,以確認該校為註冊學校,以免蒙受不必要的損失!


ISACA® 成立於 1969 年,多年來不斷參與各項系統確認性與安全、企業資訊治理及資訊風險的活動,口碑載譽。

ISACA® 會員遍佈逾 180 個國家,總數超過 140,000 人。其頒授的全球認可的國際資訊安全經理人 (CISM® - Certified Information Security Manager®) 資格,更是各位資訊管理人員必考的證書。

CISM 認證是為信息安全經理和處理信息安全管理職責的專業人員而設計。擁有 CISM 認證標誌著該專業人員具備信息風險管理,同時在管理和設計資訊安全計劃上具備認可的專業知識。


課程時數: 合共 12 小時 (共 4 堂)
適合人士: 具備 5 年或以上安全管理工作經驗
授課語言: 以廣東話為主,輔以英語
課程筆記: 本中心導師親自編寫英文為主筆記,而部份英文字附有中文對照。

1. Franco Tsang (CCIE #19772) 親自教授: 本課程由擁有 CISM, CISA, CISSP, ITIL Expert 的 Franco Tsang 親自教授。
2. Franco Tsang 親自編寫筆記: Franco 親自編寫英文為主筆記,而部份英文字附有中文對照,令你無須「死鋤」如字典般厚及不適合香港讀書格調的書本。
3. 理論與考試並重: Franco 會在課堂上深入淺出地講解相關概念,務求令同學理解抽象的電腦信息風險管理、管理和設計資訊安全計劃概念。並會在課堂上操練具質素的題目以應用所學的知識。
4. 免費重讀: 傳統課堂學員可於課程結束後三個月內免費重看課堂錄影。

Since 2017, CBT (Computer-Based Testing) for the CISA, CRISC, CISM, and CGEIT certifications will be offered during three testing windows of eight-week durations.

通過考試後,同學需要

  • 具備 5 年或以上安全管理工作經驗
  • 同意遵守 ISACA 制定的職業道德準則
  • 提交 CISM 申請表

完成上述事項後,便能成為 CISM。

本中心為 PSI 指定的 CISM 考試試場,導師會在課堂上講解考試程序。考試費用如下:

  • ISACA Member: US $575
  • ISACA Nonmember: US $760




1 Introduction to CISM
1.1 Scope
1.2 Exam question types and properties
1.3 Focus

2 Domain 1: Information Security Governance
2.1 Definition
2.2 Task statements
2.3 Establish and/or maintain an information security strategy in alignment with organizational goals and objectives to guide the establishment and/or ongoing management of the information security program
2.3.1 Effective information security governance
2.3.1.1 Scope of information security
2.3.1.2 Requirements of IT vs requirements of information security
2.3.1.3 Responsibility
2.3.2 Information Security Strategy Overview
2.3.2.1 Two initial elements are needed to develop a plan to achieve objective(s)
2.3.2.2 Information security strategy development participants
2.3.2.3 The objective of the security strategy
2.3.3 Developing an Information Security Strategy
2.3.3.1 From strategy to controls
2.3.3.2 Developing an information security strategy
2.3.3.3 Common pitfalls (陷阱)
2.3.4 Information Security Strategy Objectives
2.3.5 Action Plans to Implement Strategy
2.3.5.1 Gap analysis
2.3.5.2 Policy development
2.3.5.3 Standard Development
2.3.5.4 Training and awareness
2.3.5.5 Action Plan Metrics
2.4 Establish and/or maintain an information security governance framework to guide activities that support the information security strategy
2.4.1 Business Model for Information Security (BMIS)
2.4.1.1 Four elements
2.4.1.1.1 Organization design and strategy
2.4.1.1.1.1 Organization
2.4.1.1.1.2 Strategy
2.4.1.1.1.3 Design
2.4.1.1.2 People
2.4.1.1.2.1 Internal
2.4.1.1.2.2 External
2.4.1.1.3 Process
2.4.1.1.4 Technology
2.4.1.2 Six dynamic interconnections
2.4.1.2.1 Governance
2.4.1.2.2 Culture
2.4.1.2.3 Enablement and support
2.4.1.2.4 Emergence
2.4.1.2.5 Human factors
2.4.1.2.6 Architecture
2.4.2 The Desired State
2.4.2.1 What is the desired state?
2.4.2.2 Impossible…
2.4.2.3 An example
2.4.2.4 Approaches
2.5 Integrate information security governance into corporate governance to ensure that organizational goals and objectives are supported by the information security program.
2.5.1 Information Security Governance Overview
2.5.1.1 What is governance?
2.5.1.2 First step in establishing information security governance
2.5.2 Business Goals and Objectives
2.5.3 The Desired State
2.5.4 Determining the Current State of Security
2.5.4.1 Risk assessment
2.5.4.2 Business impact analysis (BIA)
2.5.5 Information Security Strategy Development
2.6 Establish and maintain information security policies to guide the development of standards, procedures and guidelines in alignment with enterprise goals and objectives.
2.6.1 Roles and Responsibilities
2.6.1.1 Roles
2.6.1.2 Responsibilities
2.6.1.3 RCAI charts
2.6.1.3.1 R
2.6.1.3.2 A
2.6.1.3.3 C
2.6.1.3.4 I
2.6.1.3.5 An example
2.6.1.3.6 Considerations when developing RACI chart
2.6.1.4 Key roles
2.6.1.4.1 Broad of directors
2.6.1.4.2 Senior management
2.6.1.4.3 Business process owners
2.6.1.4.4 Steering committee
2.6.1.4.5 CISO (Chief Information Security Officer)
2.6.2 Policies and Standards (with Procedures and Guidelines)
2.6.2.1 Policies
2.6.2.2 Standards
2.6.2.3 Procedures
2.6.2.4 Guidelines
2.7 Develop business cases to support investments in information security.
2.7.1 Developing the Business Case
2.7.1.1 What is Business Case?
2.7.1.2 “Initial” Business Case
2.7.1.3 Developing the Business Case
2.7.2 Presenting the Business Case
2.8 Identify internal and external influences to the organization (e.g., emerging technologies, social media, business environment, risk tolerance, regulatory requirements, third-party considerations, threat landscape) to ensure that these factors are continually addressed by the information security strategy
2.8.1 Governance of Third-party Relationships
2.8.1.1 Third-party organizations
2.8.1.2 Challenges when cooperating with third-party organizations
2.8.2 Strategy Constraints
2.8.2.1 Relationship between strategy constraints and strategy
2.8.2.2 Examples of strategy constraints
2.9 Gain ongoing commitment from senior leadership and other stakeholders to support the successful implementation of the information security strategy
2.9.1 Obtaining Senior Management Commitment
2.10 Define, communicate and monitor information security responsibilities throughout the organization (e.g., data owners, data custodians, end users, privileged or high-risk users) and lines of authority
2.10.1 Roles and Responsibilities
2.10.1.1 Chief Risk Officer (CRO)
2.10.1.2 Chief Information Officer (CIO)
2.10.1.3 System and information owners
2.10.1.4 Business and functional managers
2.10.1.5 Data custodians
2.10.1.6 End users / high-risk users and security awareness trainers
2.11 Establish, monitor, evaluate and report key information security metrics to provide management with accurate and meaningful information regarding the effectiveness of the information security strategy
2.11.1 Information Security Governance Metrics
2.11.1.1 What is metric?
2.11.1.2 Technical metrics and their limitations
2.11.1.3 SMART
2.11.1.3.1 S
2.11.1.3.2 M
2.11.1.3.3 A
2.11.1.3.4 R
2.11.1.3.5 T
2.11.2 References to other standards or frameworks
2.12 SWOT analysis

3 Domain 2: Information Risk Management
3.1 Definition
3.2 Task statements
3.3 Establish and/or maintain a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value
3.3.1 The Goal
3.3.2 Ensure Asset identification, Classification and Ownership
3.3.3 Information Asset Classification
3.3.3.1 Information asset classification should be based on…
3.3.3.2 When facing resource constraint…
3.3.3.3 To get started with…
3.3.3.4 Benefits of information classification
3.3.3.5 An important part of information classification
3.4 Identify legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels
3.4.1 Defining the External Environment
3.4.2 Defining the Internal Environment
3.4.3 Legal and Regulatory Requirements
3.5 Ensure that risk assessments, vulnerability assessments and threat analyses are conducted consistently, and at appropriate times, to identify and assess risk to the organization’s information
3.5.1 Risk Assessment
3.5.1.1 Standard approach
3.5.1.2 Asset identification and valuation
3.5.1.2.1 Methodologies of asset identification and valuation
3.5.1.2.2 Strategy of valuation
3.5.1.2.3 Risk Assessment and Management Approaches
3.5.1.2.4 Aggregated and cascading risk
3.5.1.2.4.1 Aggregated risks
3.5.1.2.4.2 Cascading risks
3.5.1.3 Risk identification
3.5.1.3.1 Threats
3.5.1.3.1.1 Personnel threats
3.5.1.3.1.2 APT (Advanced Persistent Threat)
3.5.1.3.1.3 Emerging threats
3.5.1.3.2 Vulnerabilities
3.5.1.3.2.1 Vulnerability sources
3.5.1.3.2.2 From technology’s point of view
3.5.1.3.2.3 From personnel’s point of view
3.5.1.3.3 Risk, Likelihood and Impact
3.5.1.3.4 Risk Register
3.5.1.4 Common risk analysis methods
3.5.1.4.1 General concepts
3.5.1.4.2 Qualitative Analysis and Semi-Quantitative Analysis
3.5.1.4.3 Quantitative Risk Analysis
3.5.1.5 Other risk analysis methods
3.5.1.5.1 Risk ownership and accountability
3.6 Identify, recommend or implement appropriate risk treatment/response options to manage risk to acceptable levels based on organizational risk appetite
3.6.1 Risk Treatment (Response) Options
3.6.1.1 Four strategic choices
3.6.1.1.1 Ignore??
3.6.1.2 Avoid
3.6.1.3 Transfer
3.6.1.4 Mitigate
3.6.1.5 Acceptance and residual risk
3.6.1.5.1 Acceptance
3.6.1.5.2 Residual risks
3.6.1.5.3 Risk acceptance framework
3.7 Determine whether information security controls are appropriate and effectively manage risk to an acceptable level
3.7.1 Security Control Baseline
3.7.1.1 What is security baseline?
3.7.1.2 Establish security control baseline
3.7.1.3 Set and implement security control baseline
3.7.2 Controls and Countermeasures
3.7.2.1 What is control?
3.7.2.2 Relationship between controls and managing information security risks
3.7.2.3 General controls
3.7.2.4 Roles and responsibilities
3.7.2.5 Control’s “scope”
3.7.2.6 Control categories
3.7.2.7 Control design considerations
3.7.2.8 Control objectives and selections
3.7.2.8.1 Control objectives
3.7.2.8.2 Control selections
3.7.2.9 Controls as Strategy implementation Resources
3.7.2.9.1 Mixed controls
3.7.2.9.2 Control principles
3.7.2.9.2.1 General control principles
3.7.2.9.2.2 MAC and DAC
3.7.2.10 Control strength
3.7.2.11 Control methods / categories
3.7.2.12 Control recommendations
3.7.2.13 Countermeasures
3.7.2.14 Physical and environmental controls
3.7.2.15 Technology control categories
3.7.2.16 Technical control components and architecture
3.7.3 Control Testing and Modification
3.8 Facilitate the integration of information risk management into business and IT processes (e.g., systems development, procurement, project management) to enable a consistent and comprehensive information risk management program across the organization
3.8.1 Risk Management Integration with Life Cycle Processes
3.8.1.1 Change management (life cycle processes)
3.8.1.2 IT System Development Lifecycle
3.8.1.3 Lifecycle-based risk management principles and practices
3.9 Monitor for internal and external factors (e.g., threat landscape, cybersecurity, geopolitical, regulatory change) that may require reassessment of risk to ensure that changes to existing or new risk scenarios are identified and managed appropriately
3.9.1 Risk Monitoring and Communication
3.9.1.1 Risk monitoring
3.9.1.2 Key Risk Indicator (KRI) and communication
3.9.2 Security Program Metrics and Monitoring
3.9.2.1 Metric levels
3.9.2.1.1 Strategic metrics
3.9.2.1.2 Management metrics
3.9.2.1.3 Operational metrics
3.9.2.2 Metric development considerations
3.9.2.3 What to measures?
3.9.2.3.1 Measuring Information Security Risk and Loss
3.9.2.3.2 Measuring Support of Organizational Objectives
3.9.2.3.3 Measuring Compliance
3.9.2.3.4 Measuring Security Cost-effectiveness
3.9.2.3.5 Measuring Organizational Awareness
3.9.2.3.6 Measuring Effectiveness of Technical Security Architecture
3.9.2.3.7 Measuring Effectiveness of Management Framework and Resources
3.10 Report noncompliance and other changes in information risk to facilitate the risk management decision-making process
3.10.1 Reporting Significant Changes in Risk
3.11 Ensure that information security risk is reported to senior management to support an understanding of potential impact on the organizational goals and objectives
3.11.1 Reporting Significant Changes in Risk

4 Domain 3: Information Security Program Development and Management
4.1 Definition
4.2 Task statements
4.3 Establish and/or maintain the information security program in alignment with the information security strategy
4.3.1 Strategic Alignment
4.3.1.1 Six outcomes
4.3.1.1.1 Outcome 1
4.3.1.1.2 Outcome 2
4.3.1.1.3 Outcome 3
4.3.1.1.4 Outcome 4
4.3.1.1.5 Outcome 5
4.3.1.1.6 Outcome 6
4.3.2 Information Security Framework Components
4.3.2.1 Component 1
4.3.2.2 Component 2
4.3.2.3 Component 3
4.3.2.4 Component 4
4.3.2.5 Component 5
4.3.3 Information Security Infrastructure and Architecture
4.3.3.1 What is enterprise architecture (EA)?
4.3.3.1.1 Enterprise
4.3.3.1.2 Architecture
4.3.3.2 Enterprise architecture domains
4.3.3.2.1 Domain 1
4.3.3.2.2 Domain 2
4.3.3.2.3 Domain 3
4.3.3.2.4 Domain 4
4.3.3.3 Information Security Architecture Objectives
4.3.3.3.1 Focus 1
4.3.3.3.2 Focus 2
4.3.3.3.3 Focus 3
4.4 Align the information security program with the operational objectives of other business functions (e.g., human resources [HR], accounting, procurement and IT) to ensure that the information security program adds value to and protects the business
4.4.1 Information Security Program Management Overview
4.4.1.1 What is information security program?
4.4.1.2 Trends
4.4.1.3 Elements of a successful information security program
4.4.1.4 Outcomes of successful information security program
4.4.2 Security Program Management and Administrative Activities
4.4.2.1 Activity 1
4.4.2.2 Activity 2
4.4.2.3 Activity 3
4.4.2.4 Activity 4
4.4.2.5 Activity 5
4.4.2.6 Activity 6
4.4.2.7 Activity 7
4.4.2.8 Activity 8
4.4.2.9 Activity 9
4.4.2.10 Activity 10
4.4.2.11 Activity 11
4.4.2.12 Activity 12
4.4.2.13 Activity 13
4.4.2.14 Activity 14
4.4.2.15 Activity 15
4.4.2.16 Activity 16
4.4.2.17 Activity 17
4.4.3 Security Program Services and Operational Activities
4.4.3.1 Activity 1
4.4.3.2 Activity 2
4.4.3.3 Activity 3
4.4.3.4 Activity 4
4.4.3.5 Activity 5
4.4.3.6 Activity 6
4.4.3.7 Activity 7
4.4.3.8 Activity 8
4.4.3.9 Activity 9
4.4.3.10 Activity 10
4.4.3.11 Activity 11
4.4.3.12 Activity 12
4.5 Identify, acquire and manage requirements for internal and external resources to execute the information security program
4.5.1 Security Program Management and Administrative Activities
4.5.2 Security Program Services and Operational Activities
4.6 Establish and maintain information security processes and resources (including people and technologies) to execute the information security program in alignment with the organization’s business goals
4.6.1 Security Program Management and Administrative Activities
4.6.2 Security Program Services and Operational Activities
4.7 Establish, communicate and maintain organizational information security standards, guidelines, procedures and other documentation to guide and enforce compliance with information security policies
4.7.1 Security Program Management and Administrative Activities
4.7.2 Security Program Metrics and Monitoring
4.8 Establish, promote and maintain a program for information security awareness and training to foster an effective security culture
4.8.1 Security Awareness Training and Education
4.8.2 Security Program Services and Operational Activities
4.9 Integrate information secure requirements into organizational processes (e.g., change control, mergers and acquisitions, system development, business continuity, disaster recovery) to maintain the organization's security strategy
4.9.1 Architecture Implementation
4.9.2 Security Program Services and Operational Activities
4.9.3 Controls and Countermeasures
4.10 Integrate information security requirements into contracts and activities of third parties (e.g., joint ventures, outsourced providers, business partners, customers) and monitor adherence to established requirements in order to maintain the organization’s security integrity
4.10.1 Vendor Management
4.10.2 Outsourcing and Service Providers
4.10.2.1 Why outsourcing?
4.10.2.2 Considerations when evaluating outsourcing options
4.10.2.3 Managing outsourcing
4.10.2.4 Contracts
4.10.3 Cloud Computing
4.10.3.1 Service models
4.10.3.2 Deployment models
4.10.4 Controls and Countermeasures
4.11 Establish, monitor and analyze program management and operational metrics to evaluate the effectiveness and efficiency of the information security program
4.11.1 Controls and Countermeasures
4.11.2 Security Program Metrics and Monitoring
4.12 Compile and present reports to key stakeholders on the activities, trends and overall effectiveness of the information security program and the underlying business processes in order to communicate security performance
4.12.1 Documentation
4.12.2 Security Program Metrics and Monitoring

5 Domain 4: Information Security Incident Management
5.1 Definition
5.2 Task statements
5.3 Establish and maintain an organizational definition of, and severity hierarchy tor, information security incidents to allow accurate classification and categorization of and response to incidents
5.3.1 Incident Management Overview
5.3.1.1 What is incident management and response?
5.3.1.2 Purposes of incident management and response
5.3.1.3 Incident Management Lifecycle
5.3.1.4 Outcomes of incident management
5.3.1.4.1 Outcome 1
5.3.1.4.2 Outcome 2
5.3.1.4.3 Outcome 3
5.3.1.4.4 Outcome 4
5.3.2 Incident Management Systems (e.g. distributed incident management system, centralized incident management system, etc.)
5.4 Establish and maintain an incident response plan to ensure an effective and timely response to information security incidents
5.4.1 Incident Response Procedures
5.4.2 Incident Response Concepts
5.4.2.1 Incident handling
5.4.2.2 Incident management
5.4.3 Incident Response Technology Concepts
5.4.3.1 Security Principles
5.4.3.2 The Internet / Networking
5.4.3.3 Operating Systems
5.4.3.4 Malicious Codes
5.4.3.5 Programming
5.4.4 Response and Recovery Plan
5.5 Develop and implement processes to ensure the timely identification of information security incidents that could impact the business
5.5.1 Vulnerabilities
5.5.2 Developing an Incident Response Plan
5.5.2.1 Preparation
5.5.2.2 Identification
5.5.2.3 Containment
5.5.2.4 Eradication
5.5.2.5 Recovery
5.5.2.6 Lessons Learned
5.5.3 Help/Service Desk Processes for Identifying Security Incidents
5.6 Establish and maintain processes to investigate and document information security incidents in order to determine the appropriate response and cause while adhering to legal, regulatory and organizational requirements
5.6.1 Outcomes of incident management
5.6.2 Incident Response Concepts
5.6.3 Roles and Responsibilities
5.6.4 Documenting Events
5.7 Establish and maintain incident notification and escalation processes to ensure that the appropriate stakeholders are involved in incident response management
5.7.1 Incident Management Systems (e.g. distributed incident management system, centralized incident management system, etc.)
5.7.2 Skills of incident response team member
5.7.3 Incident Management Metrics and Indicators
5.7.4 Detailed Plan of Action for Incident Management
5.7.5 Escalation Process for Effective Incident Management
5.7.6 Incident Notification Requirements and Process
5.8 Organize, train and equip incident response teams to respond to information security incidents in an effective and timely manner
5.8.1 Incident Management and Response Teams
5.8.2 Organizing, Training and Equipping the Response Staff
5.9 Test, review and revise (as applicable) the incident response plan periodically to ensure an effective response to information security incidents and improve response capabilities
5.9.1 Integrating Incident Response with Business Continuity
5.9.1.1 RTO
5.9.1.2 RPO
5.9.1.3 Relationship between RTO and RPO
5.9.1.4 SDO
5.9.1.5 MTO
5.9.2 Updating Recovery Plans
5.9.3 Periodic Testing of the Response and Recovery Plans
5.9.4 Testing for infrastructure and Critical Business Applications
5.9.5 Types of Tests
5.9.6 Test Results
5.9.7 Recovery Test Metrics
5.9.8 Chain of custody
5.10 Establish and maintain communication plans and processes to manage communication with internal and external entities
5.10.1 Outcomes of incident management
5.10.2 Personnel
5.10.2.1 Incident response team
5.10.2.2 Incident response team models
5.10.3 Developing an Incident Response Plan
5.10.4 Escalation Process for Effective Incident Management
5.10.5 Incident Notification Requirements and Process
5.11 Conduct postincident reviews to determine the root cause of information security incidents, develop corrective actions, reassess risk, evaluate response effectiveness and take appropriate remedial actions
5.11.1 Postincident Activities and Investigation
5.11.2 Identifying Causes and Corrective Actions
5.11.3 Documenting Events
5.12 Establish and maintain integration among the incident response plan, business continuity plan and disaster recovery plan
5.12.1 Integrating Incident Response with Business Continuity

6 Appendix
6.1 Examination


 

更多綜合課程
  CFA 特許金融分析師認證課程
  • CFA Level I
  (特許金融分析師一級) 認證
  法律課程
  • 代理人的法律責任
  • 公司董事和合夥人的法律責任
  • 婚姻的法律責任
  • 遺產繼承的合法權益
  英文課程
  • IPA 拼音:級別 1 2 3 4
  普通話課程
  • 基礎普通話拼音 (免費)
  • 進階普通話拼音
  • 普通話會話:級別 1 2 3
  西班牙語文課程
  • 級別 1 2 3
  中醫課程
  • 濕疹與皮膚敏感病
  • 暗瘡與色斑 | 鼻敏感與感冒
  • 脫髮與白髮 | 從五官看健康
  攝影課程
  • 攝影初級
  • 攝影中級 (風景專題)
  風水命理課程
  • 紫微斗數:級別 1 2 3
  • 子平八字:級別 1 2 3
  • 八字風水:級別 1 2 3
  • 奇門遁甲:級別 1 2 3

這個頁面上的內容需要較新版本的 Adobe Flash Player。

取得 Adobe Flash Player