Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


Certified Information Security Manager

Achieving Certified Information Security Manager (CISM) certification validates that you have expertise and knowledge of the relationship between an information security program and the broader business goals and objectives. It also confirms that you have experience developing and managing an information security program.


To apply for CISM certification, you must have five or more years of work experience in information security management, with at least three years of that experience in three or more of the job practice analysis areas - or domains - listed below. At the discretion of ISACA, you may use some security-related certifications and information systems management experience to satisfy up to two years of the required five years of experience.

Required Exams

About the CISM Exam 

You will have four hours to answer 200 questions based on the four domains:

  • Domain 1: Information Security Governance
  • Domain 2: Information Risk Management and Compliance
  • Domain 3: Information Security Program Development and Management
  • Domain 4: Information Security Incident Management

Recommended Courses


The CISM continuing professional education (CPE) policy requires that you attain at least 20 CPE hours per year and 120 CPE hours every three years.