
   ISACA CISM 

Description:

CISM (Certified Information Security Manager) is an essential certification for information security professionals who manage, implement, monitor, and evaluate information security within an organization. The course prepares Information Security managers to perform their functions, covering Information Security Governance, Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management. The course includes discussions, domain-specific exercises, and a simulated exam, preparing participants for the ISACA CISM certification exam. It is available in the Live Online Training format.

Domains:

Domain 1: Information Security Governance

Domain 2: Information Security and Risk Management 

Domain 3: Development and Management of Information Security     

Domain 4: Information Security Incident Management

Who benefits?
 The CISM certification offers several benefits for professionals and organizations:

  • Professional Recognition: A prestigious, widely recognized credential.

  • Career Opportunities: Access to leadership positions in information security.

  • Salary Increase: Certified professionals tend to earn higher salaries.

  • Continuous Development: Requires continuous education, keeping professionals up to date.

  • Credibility: Commitment to high ethical standards.

  • Organizational Security: Better equipped to develop and manage security programs.

  • Networking: Access to a global network of information security professionals.

  • Improved Internal Processes: Ability to implement more effective security policies and procedures.

Prerequisites:
- Professional experience in information security or related areas such as IT, risk management, auditing, or IT governance.
- Basic knowledge of information security, including aspects such as security controls, security legislation, security standards (such as ISO 27001/27002), and risk management practices.

Exam Information:

  • Exam: ISACA CISM

  • Exam Format: Multiple Choice

  • Total Number of Questions: 150

  • Exam Duration: 4 Hours

  • Required Score: 450/800

Course Duration:
  6 Days | 24 Hours | 4 hours per day

Objectives:
By the end of the course, participants will be able to:

  • Establish and maintain a structure that aligns information security strategies with business objectives and applicable regulations.

  • Identify and manage information security risks to achieve organizational objectives.

  • Design, develop, and manage an information security program to implement a governance structure.

  • Oversee and lead security activities to execute an information security program.

  • Develop and manage the capability to respond to disruptive and destructive events related to information security.

The 4 CISM Domains:

 

Domain 1: Information Security Governance:

  • Establish and maintain a security governance framework aligned with organizational objectives.

  • Ensure security strategy alignment with organizational goals.   

  • Develop comprehensive security policies aligned with business needs and regulatory requirements.   

  • Justify security investments based on business value.

Domain 2: Risk Management and Information Compliance:

  • Establish a process for managing information risk, identifying, analyzing, and mitigating risks.

  • Define classification criteria for information and assets.

  • Assess risks using qualitative and quantitative methods.

  • Implement risk mitigation strategies.

Domain 3: Development and Management of Information Security Programs:

  • Develop and manage a security program aligned with organizational strategy.

  • Ensure the security program supports other business functions.   

  • Allocate resources for managing information security.   

  • Monitor and measure the security program's performance.

Domain 4: Information Security Incident Management:

  • Establish and maintain an incident response plan that minimizes damage and restores operations.

  • Include communication, root cause investigation, and documentation in the response plan.

Certification Process: 5 Steps:

  • 1. Pass the CISM Exam: The first crucial step is passing the exam, which assesses knowledge in information security management, covering areas such as governance, risk management, program development, and incident management.

  • 2. Agree to the Professional Code of Ethics: After passing the exam, it is necessary to agree to the code of ethics established by ISACA, which guides the professional and personal conduct of certification holders.

  • 3. Meet Continuing Education Policy: To keep the certification active, you must complete a minimum of 20 hours of continuing professional education (CPE) annually and a total of 120 hours within three years. This requirement ensures that you maintain an adequate level of up-to-date knowledge and proficiency in information security.

  • 4. Professional Experience: You must demonstrate at least five years of work experience dedicated to information security, with at least three of those years in information security management functions across three or more areas of work practice analysis. These areas include information security governance, information risk management, development and management of information security programs, and information security incident management. This experience must be gained within ten years before passing the exam or within five years after passing it.

  • 5. Work Experience Substitutions: ISACA allows some substitutions for the work experience requirement, such as:

    • Two years substituted if you hold another relevant certification, such as CISSP (Certified Information Systems Security Professional) or CISA (Certified Information Systems Auditor).

    • One year substituted for each year of experience in information systems management or in leadership or management roles outside the information security field.   

    • Up to two years substituted for a postgraduate degree in information security or related areas.
