

Achieving the Certified Information Security Manager (CISM) certification validates that you have expertise in, and knowledge of, the relationship between an information security program and the broader business goals and objectives. It also confirms that you have experience developing and managing an information security program.


This certification is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements. 


To apply for CISM certification, you must have five or more years of work experience in information security management, with at least three years of that experience in three or more of the job practice analysis areas - or domains - listed below. At the discretion of ISACA, you may use some security-related certifications and information systems management experience to satisfy up to two years of the required five years of experience.

Required Exams

About the CISM Exam 

You will have four hours to answer 200 questions based on the four domains:

  • Domain 1: Information Security Governance
  • Domain 2: Information Risk Management and Compliance
  • Domain 3: Information Security Program Development and Management
  • Domain 4: Information Security Incident Management

Recommended Courses


The CISM continuing professional education (CPE) policy requires that you attain at least 20 CPE hours per year and 120 CPE hours every three years.


2018 Top Certifications

Find out where this certification ranked in our 2018 top paying certifications report.