What is the CISM certification?
According to ISACA, more than 40,000 professionals have earned their CISM certification since it launched in 2002. This management-focused credential is aimed at professionals who build and manage an enterprise’s information security.
CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives. CISM-certified professionals have the ability to navigate complex security management issues that can severely impact organizational success.
To achieve this certification, an individual must take and pass the CISM certification exam, which consists of 150 questions across four job practice domains:
- Information Security Governance
- Information Risk Management
- Information Security Program Development and Management
- Information Security Incident Management
Who should take the CISM exam?
CISM is an essential certification for individuals looking to make the move from security technologist to security manager. It confirms a high level of technical competence and qualification for top-caliber leadership and management roles.
Since it’s a management-focused certification, candidates are required to have at least five years of information security experience, with at least three as a security manager.
Experienced security management professionals in the following roles may also be interested in this certification: IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.