Certified Information Security Manager (CISM) Certification
Last updated on 06th Oct 2020, Articles, Blog, Cyber Security
The ISACA community – members, volunteers and professionals – is guided by our Purpose and Promise, which define the essence of who we are and what we do. Our Purpose is the reason we exist – to help business technology professionals and their enterprises around the world realize the positive potential of technology. Our Promise is how we as an organization and as individuals, deliver on our Purpose – the work we do every day to inspire confidence that enables innovation through technology.
Applicants must meet the following requirements to become CISM Certified:
Successfully Complete the CISM Examination:
- The examination is open to all individuals who have an interest in information security management. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score.
Adhere to the Code of Professional Ethics:
- Members of ISACA and/or holders of the CISM designation agree to a Code of Professional Ethics to guide professional and personal conduct.
Adhere to the Continuing Professional Education (CPE) Policy: The objectives of the continuing education policy are to:
- Maintain an individual’s competency to ensure that all CISMs maintain an adequate level of current knowledge and proficiency. CISMs who successfully comply with the CISM CPE Policy will be better equipped to manage, design, oversee and assess an enterprise’s information security.
- Provide a means to differentiate between qualified CISMs and those who have not met the requirements for continuation of their certification.
Demonstrate the Required Minimum Work Experience:
A minimum of 5 years of professional information security management work experience – as described in the CISM job practice areas – is required for certification. The work experience for CISM certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5 years from the passing date to apply for certification.
Substitutions and waivers may be obtained for a maximum of 2 years as follows:
Two Years:
- Certified Information Systems Auditor (CISA) in good standing
- Certified Information Systems Security Professional (CISSP) in good standing
- Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)
One Year:
- One full year of information systems management experience
- One full year of general security management experience
- Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.
Exception:
Every 2 years as a full-time university instructor teaching the management of information security can be substituted for every 1 year of information security experience.
It is important to note that many individuals choose to take the CISM exam prior to meeting the experience requirements. This practice is acceptable although the CISM designation will not be awarded until all requirements are met.
What you’ll learn
- Govern information security policies
- Manage risks and ensure compliance to the information security policies
- Develop, manage and implement information security program in an organization
- Manage incidents related to information security
Requirements
1. As with the CISM certification exam, the candidates are required to have a minimum of five years of experience in information security management.
2. Experience in the fields of information security governance, risk management, compliance, and incident management is also preferable.
Description
The Certified Information Security Manager (CISM) course helps the candidates to achieve the CISM certification. The certification is offered by the Information Systems Audit and Control Association (ISACA) to validate the expertise and knowledge of the candidates regarding the relationship between an information security program and the broader business targets. The certification also validates that the candidate has the hands-on knowledge of developing, managing and implementing an information security program for an organization.

CISM is an ISACA certification for experienced information security management professionals with work experience in developing and managing information security programs. The CISM course covers the four domains of the CISM certification exam. The course is an ideal preparatory course for students seeking to gain CISM certification as well as for IT security and information security professionals looking to build on their practical experience.
Who this course is for:
The ideal candidates for the course are:
- Experienced information security managers and officers
- IT consultants and managers
- IT auditors
- IT security policy makers
- Privacy officers
- Network administrators
- Network security engineers
- Candidates seeking CISM certification
How to become a CISM
The CISM certification process includes a 200-question multiple-choice exam that is scored using a 200-800 scaled scoring method. This allows performance comparisons to be made among candidates. A score of 450 is a passing score, indicating that the individual meets a minimum consistent standard of knowledge set by the ISACA Certification Committee.
The exam covers four content areas:
1. Information security management
2. Information risk management and compliance
3. Information security program development and management
4. Information security incident management
To qualify for the exam, applicants must have five years of verified experience in the infosec field, with a minimum of three years of infosec management experience in three or more of the CISM content areas. Experience must be gained within a 10-year period preceding the application date or within five years from the date of passing the exam.
To maintain CISM certification, individuals must sustain an adequate level of knowledge and proficiency in the field of information systems security management, complete 20 continuing professional education (CPE) hours annually and follow ISACA’s Code of Professional Ethics.
Benefits of CISM Certification
- Recognition of attainment of advanced job skills as required for an information security professional
- Worldwide recognition as an information security manager
- Confirms commitment to the profession
- Provides access to valuable resources, such as peer networking and idea exchange
CISM holders understand business and how to manage and adapt technology in their organizations and industries. They identify serious issues and tune company-specific practices to allow for the governance of information and related technologies.
The CISM credential is, therefore, highly desirable because it addresses organizational security requirements in an industry-wide accepted fashion. Organizations will, for a long time to come, remain receptive to accredited holders of the CISM.