Year-End Learning Carnival: Get Free Courses and Up to 50% off on Career Booster Combos!
D H M S
Get Placement Support & Resume Optimization
Rated the best Trustpilot 4.9/5 Read Reviews
Infosectrain Group Learner
Infosectrain Learner Point 700657+ Learners

Program Highlights

The CISM is a management-focused certification that promotes international security practices and validates individuals’ skills to manage designs, oversee, and assesses an enterprise’s information security. The CISM training course at InfosecTrain helps candidates develop an understanding of risk management, information security governance, and drafting security policies and strategies to achieve the organizational goals.

  • 32-Hour LIVE Instructor-Led Training32-Hour LIVE Instructor-Led Training
  • ISACA Premium Training PartnerISACA Premium Training Partner
  • Immersive LearningImmersive Learning
  • Highly Interactive and Dynamic SessionsHighly Interactive and Dynamic Sessions
  • 98% Exam Pass Rate98% Exam Pass Rate
  • Learn from Industry ExpertsLearn from Industry Experts
  • Career Guidance and MentorshipCareer Guidance and Mentorship
  • Post Training SupportPost Training Support

Learning Schedule

  • upcoming classes
  • corporate training
  • 1 on 1 training
Upcoming classes
28 Dec - 19 Jan Online Weekend 19:00 - 23:00 IST BATCH OPEN
25 Jan - 01 Mar Online Weekend 19:00 - 23:00 IST BATCH OPEN
corporate training

Why Choose Our Corporate Training Solution

  • Upskill your team on the latest tech
  • Highly customized solutions
  • Free Training Needs Analysis
  • Skill-specific training delivery
  • Secure your organizations inside-out

Seeking Corporate Training?

Discover Tailored Solutions for your unique needs. Request a Quote Today!

1-on-1 training

Why Choose 1-on-1 Training

  • Get personalized attention
  • Customized content
  • Learn at your dedicated hour
  • Instant clarification of doubt
  • Guaranteed to run

Desire Personalized Attention?

Request for exclusive batches that are tailored just for you, with flexible schedules.
Ask for 1-on-1 Training Now!

Can't Find a Suitable Schedule? Talk to Our Training Advisor

Offer|InfosecTrain
About Course

The CISM certification, which is focused on management, promotes worldwide security practices and acknowledges the professional who manages, designs, oversees, and assesses an organization’s information security. The CISM certification is the worldwide recognized benchmark of excellence in this field, and the demand for skilled information security management experts is on the rise.

 

Old CISM Domains vs New CISM Domains:

Course Curriculum

Domain 1: Information Security Governance – 17%

  • A–ENTERPRISE GOVERNANCE
    • Organizational Culture
    • Legal, Regulatory and Contractual Requirements
    • Organizational Structures, Roles and Responsibilities
  • B–INFORMATION SECURITY STRATEGY
    • Information Security Strategy Development
    • Information Governance Frameworks and Standards
    • Strategic Planning (e.g., Budgets, Resources, Business Case)

 

Domain 2: Information Security Risk Management – 20%

  • A–INFORMATION SECURITY RISK ASSESSMENT
    • Emerging Risk and Threat Landscape
    • Vulnerability and Control Deficiency Analysis
    • Risk Assessment and Analysis
  • B–INFORMATION SECURITY RISK RESPONSE
    • Risk Treatment / Risk Response Options
    • Risk and Control Ownership
    • Risk Monitoring and Reporting

 

Domain 3: Information Security Program – 33%

  • A–INFORMATION SECURITY PROGRAM DEVELOPMENT
    • Information Security Program Resources (e.g., People, Tools, Technologies)
    • Information Asset Identification and Classification
    • Industry Standards and Frameworks for Information Security
    • Information Security Policies, Procedures and Guidelines
    • Information Security Program Metrics
  • B–INFORMATION SECURITY PROGRAM MANAGEMENT
    • Information Security Control Design and Selection
    • Information Security Control Implementation and Integrations
    • Information Security Control Testing and Evaluation
    • Information Security Awareness and Training
    • Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties)
    • Information Security Program Communications and Reporting

 

Domain 4: Incident Management – 30%

  • A–INCIDENT MANAGEMENT READINESS
    • Incident Response Plan
    • Business Impact Analysis (BIA)
    • Business Continuity Plan (BCP)
    • Disaster Recovery Plan (DRP)
    • Incident Classification/Categorization
    • Incident Management Training, Testing and Evaluation
  • B–INCIDENT MANAGEMENT OPERATIONS
    • Incident Management Tools and Techniques
    • Incident Investigation and Evaluation
    • Incident Containment Methods
    • Incident Response Communications (e.g., Reporting, Notification, Escalation)
    • Incident Eradication and Recovery
    • Post-Incident Review Practices

Target Audience
  • Security Consultants and Managers
  • IT Directors and Managers
  • Security Auditors and Architects
  • Security Systems Engineers
  • Chief Information Security Officers (CISOs)
  • Information Security Managers
  • IS/IT Consultants
  • Chief Compliance/Privacy/Risk Officers
Pre-requisites

The CISM is a desirable certification if you have at least five years of information security work experience and at least three years of work experience in three or more job practices analysis areas of information security management. Work experience must be achieved within 10 years of applying for certification or within 5 years of passing the exam.

The following security-related certifications and management experience in information systems can be used to replace the required amount of information security job experience.

 

Two Years:

  • Certified Information Systems Auditor (CISA) in good standing
  • Certified Information Systems Security Professional (CISSP) in good standing
  • Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

 

One Year:

  • One full year of information systems management experience
  • One full year of general security management experience
  • Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security +, Disaster Recovery Institute Certified Business
  • Continuity Professional (CBCP), ESL IT Security Manager)

 

Completion of an information security management program at an institution aligned with the Model Curriculum.

Exam Details

Certification Certified Information Security Manager (CISM)
Exam Duration 4 Hours
Number of Questions 150
Exam Pattern Multiple Choice
Passing Marks 450 out of 800
Languages English, Japanese, Korean, Spanish
Course Objectives
  • Learn about Enterprise Governance covering the importance of Information Security Governance, Organizational Culture and Structure, Legal, Regulatory and Contractual Requirements.
  • Learn to formulate an Information Security Strategy, create Information Governance Frameworks and Standards and conduct Strategic Planning.
  • Learn about the emerging risk and threat landscape, Vulnerability and Control Deficiency Analysis.
  • Learn to conduct Risk Analysis, Evaluation and Assessment.
  • Respond to risk by understanding Risk Treatment/Risk Response Options, Risk and Control Ownership, Risk Monitoring and Reporting.
  • Learn how to develop an Information Security Program by utilizing industry standards and frameworks, Information Security policies, procedures and guidelines and creating an Information Security Program Road Map.
  • Manage an information security program by focusing on different aspects such as the design, control, implementation, integration, testing, evaluation and training, communications and reporting.
  • Assess the incident management readiness of an organization based on Business Impact Analysis, Business Continuity Plan, Disaster Recovery Plan, Incident Management Training, Testing and Evaluation.
  • Learn about Incident Management Operations, Tools and Technologies, Incident Containment Methods, Incident Eradication and Recovery and Post-Incident Review Practices.
Still unsure?
We're just a click away
For
loader-infosectrain

Can't wait? Get in touch now

Toll Free Numbers

How We Help You Succeed

Vision

Vision

Goal

Goal

Skill-Building

Skill-Building

Mentoring

Mentoring

Direction

Direction

Support

Support

Success

Success

Career Transformation

Career Transformation

3.4 million

Cybersecurity experts needed

$4.55 Million

The average cost of a data breach

To tackle the skills shortage
67%

Organizations Plan to recruit trained staff

72%

Organizations Plan to invest in training

Demand across industries
Education

Education

Healthcare

Healthcare

Retail

Retail

Government

Government

Manufacturing

Manufacturing

Finance

Finance

Career Transformation
Career Transformation

Your Trusted Instructors

Words Have Power

Success Speaks Volumes

Success Story

Get a Sample Certificate

Sample Certificate

Frequently Asked Questions

How long is the CISM Exam?

The CISM examination is a four-hour (240 minutes) exam consisting of 150 multiple choice questions.

Where can I take the CISM Exam?

  • Computer-Based Testing Locations
  • CISM exams are administered at 1,300 PSI locations across the world and in ten languages.

Please visit https://www.isaca.org/credentialing/cism/cism-exam to search the suitable exam site. ISACA keeps adding the new PSI locations.

Can I review answers before the end of the test?

Yes. Answers can reviewed.
Flag questions you want to review before your exam time is over.

When will I receive my exam results?

  • Preliminary result (pass or not pass) is available on the screen immediately after the completion of your exam.
  • Official score will be emailed and available online within 10 business days from the date that candidates take the exam.
  • Successful candidates receive details on how to apply for certification.
  • Result is not available on phone or fax to maintain the privacy.

Do I need to apply for another exam voucher if I need to retake the exam?

Yes, but candidates do not need to go through the eligibility application process again.

What are the eligibility requirements for CISM Certification?

  • Pass the CISM Exam within the last 5 years.
  • Work experience must be gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the exam.
  • Three of the five years of work experience must be gained performing the role of an information security manager.
  • Submit the CISM Certification Application including Application Processing Fee.

For more information please visit https://www.isaca.org/credentialing/cism

What qualifications are required to earn the CISM Certification?

  • Pass the CISM examination
  • Submit an application for CISM certification
  • Adherence to the Code of Professional Ethics
  • Adherence to the Continuing Professional Education Program
  • Compliance with the Information Systems Auditing Standards

Who is eligible to become CISM Certified and what makes CISM unique?

  • CISM certification is a unique management-focused certification.
  • It has been designed is for the individual who manages, designs, oversees and assesses an enterprise’s information security.
  • it validates your managerial, designing, overseeing skills and expertise.
  • It brings the best opportunities for anyone in the infosec with an interest in the managerial aspects of information security, in contrast to the technical aspects.
  • Any professional with the required experience can apply for the certification.

How much is the exam fees?

  • Member: US$575
  • Non Member Fee: US$760

How is the CISM exam scored?

On 200-800 point scale, ISACA has set 450 as the passing mark for the exams.

  • A scaled score is a conversion of the raw score on an exam to a common scale.
  • Please note that the exam score is not based on an arithmetic or percent average. For example, if all 150 questions are answered correctly, the scaled score is 800, a perfect score; a scaled score of 200 is the lowest score possible when only a small number of questions are answered correctly.
  • A score of 450 represents a minimum consistent standard of knowledge as established for the exam by the respective ISACA Certification Committee.
  • Scaled score of 450 or higher must be achieved to pass the exam.

Are there any fees to apply for CISM Certification?

  • A US$50 application processing fee is required for all
  • submissions.
  • The application fee is a one-time, non-refundable payment.

Payment can be made on https://www.isaca.org/credentialing/cism/get-cism-certified

Can I take the CISM, CRISC, CISA and CGEIT exams in the same exam window?

  • Yes, candidates are allowed to take one each of CISM, CRISC, CISM and CGEIT within the same window.
  • Candidates may NOT take the same certification exam more than one time within a window

Where can I find the application for CISM certification?

CISM application is available on ISACA website

What are the requirements to maintain CISM Certification? What does CISMs continuing professional education policy require?

  • Maintaining your CISM Certification means maintaining an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.
  • The CISM CPE policy requires the attainment of CPE hours over an annual and three-year certification period. CISMs must comply with the following requirements to retain certification:
  • Earn and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM’s knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
  • Earn and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting cycle period.
  • Pay the CISM annual maintenance fee
  • Comply with the annual CPE audit if selected
  • Comply with ISACA’s Code of Professional Ethics
  • Abide by ISACA’s IT auditing standards

Failure to comply with these certification requirements will result in the revocation of an individual’s CISM designation. In addition, as all certificates are owned by ISACA, if revoked, the certificate must be destroyed immediately.

How can I schedule the exam for CISM?

  • Candidates can register online anytime for the CISM certification exam.
  • Registration and payment will be valid for 365days/12 months from the date of online registration.
  • Payment is mandatory before scheduling the exam.
  • Candidates can schedule their exam for any available date/time/location within their 365-day eligibility period.
  • Exam can be rescheduled within 365 days eligibility period. But it must be done more than 48 hours prior to the original scheduled testing appointment.
  • Candidates must take the exam if they are within 48 hours of scheduled testing appointment or their registration fee will be forfeited.

What are the pre requisites for CISM certification

To earn CISM certification, candidates need to:

  • Submit the complete application within five years from the date of initially passing the examination
  • Get all the listed experience verified by the employers.
  • The experience should have been gained within the 10-year period preceding the date of application, or within five years of passing the examination.
  • A minimum of 5-years of professional information systems auditing, control or security work experience – as described in the CISM job practice areas – is required for certification.

Is there any waiver for 5years experience required for CISM Certification?

To help candidates meet the CISM work experience requirements, ISACA allows candidates to substitute up to 2years of the CISM work experience requirement of 5 years with various options.
to know the details of the waivers available

Will CISSPs and other security credential holders qualify for CISM?

Yes, CISSPs receive a two-year general information security experience waiver. Other security credential holders are also considered as professionals with knowledge and experience in information security management.

What is the best way to prepare for the exam

  • CISM Review Manual offered by ISACA, has all the relevant course content good enough to help the aspirants to crack CISM exam. Make a habit to read it religiously. This Manual is treated as the best guide for self study.
  • Practice questions can easily be picked up from ISACA’s Review Questions Database. It is an online source which not only has questions but also answers and explanation of those answers.
  • In addition to these candidates can join boot camps/ online training offered by Infosec Train for CISM Certification exam.

TOP
whatsapp