About
The Certified Information Security Manager (CISM®) certification validates your expertise in managing and overseeing information security programs. It emphasizes effective risk management, governance, and incident response, ensuring that you stay ahead in a rapidly evolving field.
Certification Body: ISACA® (Information Systems Audit and Control Association – USA)
Learning Objective
- Assess security risks and implement effective risk management strategies.
- Establish and manage security governance frameworks.
- Develop and maintain information security programs.
- Manage and respond to security incidents effectively.
- Address modern security threats, including data breaches and ransomware.
- Understand emerging technologies like AI and block chain for security management.
Exam Information
- Duration: 4 hours
- Format: Multiple-choice questions
- Language: Available in various languages, including English, French, and Spanish
Recertification
- Earn CPE credits annually: Professionals must accumulate a certain number of Continuing Professional Education (CPE) credits each year.
- Stay updated: CPE ensures that certified individuals remain current with the latest security trends, technologies, and best practices.
- Mandatory for certification renewal: Earning CPE credits is required to maintain the CISM certification.
- ISACA guidelines: Follow ISACA’s specific CPE requirements for reporting and maintaining certification.
Curriculum
- 1 Section
- 4 Lessons
- 40 Hours
Expand all sectionsCollapse all sections
Requirements
- Minimum 5 years of experience in information security management.
- Substitutions allowed for:
Relevant degree in information security or related fields.
Other ISACA certifications. - Experience must align with CISM job practice areas.
Target audiences
- IT security managers and professionals
- Risk management professionals
- IT auditors and consultants
- Anyone responsible for managing an organization’s information security program