Your browser is incompatible with this site. Upgrade to a different browser like Google Chrome or Mozilla Firefox to experience this site.
CISM - Certified Information Security Manager
The management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, oversees and assesses an enterprise’s information security.
Around the world, demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area. The uniquely management-focused CISM certification ensures holders understand business and know how to manage and adapt technology to their enterprise and industry. Since its inception in 2002, more than 30,000 professionals worldwide have earned the CISM to affirm their high level of technical competence and qualification for top-caliber leadership and management roles.
- CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives.
- Earning a CISM is considered a great way to pave the path from security technologist to security manager.
- CISM holders are consistently recognized among the most-qualified professionals in the information security and risk management fields.
- CISM-certified employees provide enterprises with an information security management certification recognized by organizations and clients around the globe.
- The credibility CISM offers is strengthened by its real-world experience requirement.
This certification is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.
Download the Free Prep Guide
Certified Information Security Manager (CISM)
Domain 1 – Information Security Governance (24%)
Domain 2 – Information Risk Management (30%)
Domain 3 – Information Security Program Development and Management (27%)
Domain 4 – Information Security Incident Management (19%)
- All ISACA certification exams consist of 150 multiple choice questions that cover the respective job practice areas created from the most recent job practice analysis.
- You have 4 hours to complete the exam.
The CISM continuing professional education (CPE) policy requires that you attain at least 20 CPE hours per year and 120 CPE hours every three years.
Visit the ISACA website for additional detail.