The CISM is a management-focused certification that promotes international security practices and validates individuals’ skills to manage designs, oversee, and assesses an enterprise’s information security. The CISM training course at Infosec Train helps candidates develop an Understanding of Risk management, information security governance, and drafting security policies and strategies to achieve the organizational goals.
The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages designs, and oversees and assesses an enterprise’s information security. The demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area.
CISMs understand the business. They know how to manage and adapt technology to their enterprise and industry.
- Security consultants and managers
- IT directors and managers
- Security auditors and architects
- Security systems engineers
- Chief Information Security Officers (CISOs)
- Information security managers
- IS/IT consultants
- Chief Compliance/Privacy/Risk Officers
Submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of work experience in three or more job practice analysis areas of information security management. The work experience must be gained within the 10 years preceding the application date for certification or within 5 years from the exam’s passing date.
The following security-related certifications and information systems management experience can be used to substitute the indicated amount of information security work experience.
- Certified Information Systems Auditor (CISA) in good standing
- Certified Information Systems Security Professional (CISSP) in good standing
- Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)
- One full year of information systems management experience
- One full year of general security management experience
- Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security +, Disaster Recovery Institute Certified Business
- Continuity Professional (CBCP), ESL IT Security Manager)
Completion of an information security management program at an institution aligned with the Model Curriculum
- Duration: 4 Hours
- Number of questions: 150
- Question format: Multiple Choice
- Passing marks: 450 out of 800
- Exam language: English, Japanese, Korean, Spanish