Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM) Training

CISM means higher earning potential and career advancement. Recent independent studies consistently rank CISM as one of the highest-paying and most sought-after IT certifications.

Contact us to get certified as an Information Security Manager.


Enhance your competitive advantage

Demonstrate your information security management expertise


The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, oversees and assesses an enterprise’s information security.


Prerequisites & Required Courses

To obtain the CISM credential, candidates must do the following:

  1. Pass the CISM examination
  2. Possess a minimum of five years of information security work experience (check out the exemptions listed below).
  3. Adhere to the Code of Professional Ethics
  4. Maintain Continuing Professional Education (CPE) Credits

In addition to passing the CISM certification exam, you need:


A minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas. The experience must have been gained within the 10-year period preceding the date of application, or within five years of passing the exam.


Experience Substitutions

Two Years:

  • Certified Information Systems Auditor (CISA) in good standing
  • Certified Information Systems Security Professional (CISSP) in good standing
  • Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

One Year:

  • One full year of information systems management experience
  • One full year of general security management experience
  • Skill-based security certifications, e.g.
    • Global Information Assurance Certification (GIAC)
    • Microsoft Certified Systems Engineer (MCSE)
    • CompTIA Security +
    • Disaster Recovery Institute Certified Business Continuity Professional (CBCP)
    • ESL IT Security Manager
  • Completion of an information security management program at an institution aligned with the Model Curriculum

The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.

Exception: Two years as a full-time university instructor teaching the management of information security can be substituted for every 1 year of information security experience.


Additional information is available at ISACA’s CISM page

CISM Certification Job Practice


The below job practice is organized by domains that will be tested for the first time in 2017. Also, starting in 2017, the CISM exam will contain 150 questions testing the new job practice.

CISM Job Practice Domains

  • Domain 1—Information Security Governance (24%)
  • Domain 2—Information Risk Management (30%)
  • Domain 3—Information Security Program Development and Management (27%)
  • Domain 4—Information Security Incident Management (19%)

Contact us for further details on preparing for the Certified Information Security Manager (CISM) certification.


© 2018 - Thanks for Visiting FerroTechnics Inc.