ISACA’s Certified Information Security Manager (CISM®) certification shows you have expertise in information security governance, program development and management, incident management and risk management. Take your career out of the technical realm to management!
The CISM exam is four hours in duration, contains 150 multiple-choice questions, and covers four information security management areas called domains. Each domain is further defined and detailed through Task and Knowledge statements. Read on below for the domains and their weightings.
A copy of ISACA’s Exam Candidate Guide can be downloaded here.
As well as passing the CISM exam, there are additional criteria for certification. For example, a candidate must submit evidence of at least five years of professional experience in information security management, with at least three years of this experience in three or more of the job practice analysis areas. If a candidate does not have the required experience, this may still be gained within five years after originally passing the CISM exam. Please see the full additional criteria detailed on ISACA’s website.