
CISM

Certified Information Security Manager - CISM Certification

What is a CISM (Certified Information Security Manager)?

The Certified Information Security Manager (CISM) signifies that an individual has the knowledge & experience to build & manage an enterprise information security program.

ISACA, a nonprofit, independent organization representing information security, assurance, risk management, and governance professionals, offers the CISM certification.

The CISM certification is intended for infosec managers, prospective managers, or IT consultants who assist in infosec program management. ANSI recognizes it as compliant with ISO/IEC 17024:2003.

How to become a CISM

To get CISM certified, candidates should complete a 150-question multiple-choice examination with a 450 passing score. This examination is part of the CISM certification process and is evaluated using a 200–800 scaled scoring system.

The exam covers the following topics:

  • Information Security Governance
  • Information Risk Management
  • Information Security Program Development and Management
  • Information Security Incident Management

Demonstrate your information security management expertise. The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, oversees, and assesses an enterprise's information security.

PREPARE FOR SUCCESS IN AN INCREASINGLY IMPORTANT AND IN-DEMAND FIELD

Around the world, the demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area. The uniquely management-focused CISM training or certification ensures holders understand business and know how to manage and adapt technology to their enterprise and industry. Since its inception in 2002, more than 30,000 professionals worldwide have earned the industry-leading CISM to affirm both their high level of technical competence and qualifications for top-caliber leadership and management roles.

  • In addition to technical competence, CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives.
  • Earning a CISM certification is considered a great way to pave the path from security technologist to security manager, and it helps you rise to the top of hiring manager resume/CV stacks.
  • CISM Certification holders are consistently recognized among the most-qualified professionals in the information security and risk management fields.
  • CISM promotes international security practices, and CISM-certified employees provide enterprises with an information security management certification recognized by organizations and clients around the globe. So having a CISM certification adds directly to the value you offer the enterprise you serve.
  • The credibility CISM offers is strengthened by its real-world experience requirement. Unlike some security certifications, CISM verifies that holders have a minimum of five years of information security work experience, in addition to having passed a CISM exam.

WHO SHOULD OBTAIN A CISM Certification?

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities which include:

  • Information Security Managers
  • Aspiring Information Security Managers
  • IS/IT Consultants
  • Chief Information Officer

CISM Course Curriculum

Eligibility for CISM Certification

You should have five or more years of professional experience in information security. At least three of those years must be in at least three different work practice areas, with at least one year each. Information security management is one of these areas.

Pre-requisites for CISM Certification

Candidates must have three or more years of infosec management experience in three or more CISM topic areas and five years of proven experience in the infosec industry to fulfill CISM requirements. You must obtain experience within five years after the exam or ten years of the application date, whichever comes first.

FAQ about CISM Certification

  • How to prepare for CISM certification?
  • Take the steps below to prepare for the CISM certification:
    1. Study the ISACA candidate information guide.
    2. Utilize your resources as best you can.
    3. Develop your managerial thinking skills.
    4. Create a schedule.
    5. Participate in study groups with other participants to enhance your knowledge.
    6. Take practice tests.
  • How to maintain CISM certification?
  • Individuals who decide to maintain their CISM certification must maintain an adequate level of expertise in information systems security management, undertake 20 hours of annual continuing professional education (CPE), and adhere to the ISACA Code of Professional Ethics.
  • How much does CISM certification cost?
  • The Certified Information Security Manager or CISM exam cost for qualified candidates may go up to $760.

What They’re Saying

Passed the CISSP on the first try! Great product in combination with some books.

Mark Maxwell

CloudBees

I attempted and passed the CISSP exam today in 1st attempt. Would like to thank both the individual who recommended CCCURE and the CCCURE team for a great platform to self-assess the preparedness.

Anoop

VP, Resilience Risk, Retail and Wealth

I passed so that's pretty great. I used this site almost exclusively to pass my test.

Russell Collins

N/A

I passed the actual exam today. Couldn't be happier to get that garbage test out of the way. I used this as my primary source of learning the material and it obviously works.

Russell Collins

CEO

I took the CISSP for the first time yesterday and passed with the (new) minimum number of questions (125). The cccure practice questions were a great way to prep. At the time, I thought some of the questions were a bit dodgy and maybe the answers were a bit iffy. But, wow, that is how MOST of the exam questions were too! Definitely a great tool to have in your belt as you prepare for the exam.

Stephanie

Cybersecurity Operations

I used CCCURE for CISSP, CCSP, Security+, CASP, and Network+. The questions were great and very similar to the exams. I have a lot of experience in these areas already so these practice exams were exactly what I needed to refresh on areas I needed.

Scott Sailors

CISO

CCCure is an outstanding resource for CISSP test practice. I like how I was able to create domain specific quizzes of ~50 questions, and then full length tests ~130 questions across all domains. This helped me improve in focused areas, and also gain confidence in my overall test taking aptitude. I practiced until I had seen all the available practice questions and was consistently in the 80%-90% range. I passed the CISSP on my first try. I saw approximately 130 questions, and took ~ 2.5 hours to finish the exam. The CCCure questions are on target as far as testing both general, and ve...

Troy Freeman

Comcast Business / Sr. Solutions Engineer

Passed my CISSP on 5/31/2022. Went through the whole 150 questions like a champ but was very nervous about it. I attended a couple of boot camps offered by my job and used cccure and boson exams engine to study. Initially I was making the mistake of not taking the time to understand the ask of each question. After several practice exams I finally got a grip on the nature of how the questions are asked. The CISSP is mostly scenario based questions and the practice exams help in training the mind to understand the scenarios. Materials Used: CCCURE test engine Boson Test engines 11th hour M...

Emil

ISSO

I PASSED THE SECURITY PLUS EXAM WITH A 754. This test bank will get you the methodology of the test, but the content will differ slightly. I attempted the exam twice. My primary means of studying were Prof. Messer videos and this test bank.

Ty Thompson

Macro Solutions/Service desk Technician

I find it hard studying from written media, I certainly did not possess the desire to read any of the books I purchased cover to cover. However, using the 'study quiz' functionality of the site I was able to find my weak points and really focus on studying those. I found repeated quizzing on all areas, and then repeat quizzing on the questions I got wrong was the fastest way for me to learn. I have been in the IT industry for some 23 years, and in the Cyber Sec for the last 5 and a bit. I really dislike doing exams, and the countless posts, blogs and videos outlining just how hard ...

Mike Hudson

Lead Cyber Security Analyst