- Govern information security policies
- Manage risks and ensure compliance to the information security policies
- Develop, manage and implement information security program in an organization
- Manage incidents related to information security
Requirements
- As with the CISM certification exam, the candidates are required to have a minimum of five years of experience in information security management.
- Experience in the fields of information security governance, risk management, compliance, and incident management is also preferable.
Description
The Certified Information Security Manager (CISM) course helps the candidates to achieve the CISM certification. The certification is offered by the Information Systems Audit and Control Association (ISACA) to validate the expertise and knowledge of the candidates regarding the relationship between an information security program and the broader business targets. The certification also validates that the candidate has the hands-on knowledge of developing, managing and implementing an information security program for an organization.
CISM certification is a certification by ISACA for experienced Information security management professionals with work experience in developing and managing information security programs. The CISM course covers the four domains of the CISM certification exam. The course is an ideal preparatory course for the students seeking to gain CISM certification as well as the IT security and information security professionals looking to build on their practical experience.
Who this course is for:
- The ideal candidates for the course must be:
- Experienced information security managers and officers
- IT consultants and managers
- IT auditors
- IT security policy makers
- Privacy officers
- Network administrators
- Network security engineers
- Candidates seeking CISM certification
How to become a CISM
The CISM certification process includes a 200-question multiple-choice exam that is scored using a 200-800 scaled scoring method. This allows performance comparisons to be made among candidates. 450 is a passing score, indicating that the individual meets a minimum consistent standard of knowledge set by the ISACA Certification Committee.
The exam covers four content areas:
- Information security management
- Information risk management and compliance
- Information security program development and management
- Information security incident management
To qualify for the exam, applicants must have five years of verified experience in the infosec field, with a minimum of three years of infosec management experience in three or more of the CISM content areas. Experience must be gained within a 10-year period preceding the application date or within five years from the date of passing the exam.
To maintain CISM certification, individuals must sustain an adequate level of knowledge and proficiency in the field of information systems security management, complete 20 continuing professional education (CPE) hours annually and follow ISACA’s Code of Professional Ethics.
Benefits of CISM Certification
- Recognition of attainment of advanced job skills as required for an information security professional
- Worldwide recognition as an information security manager
- Confirms commitment to profession
- Provides access to valuable resources, such as peer networking and idea exchange