Course Overview

The Certified Information Security Manager (CISM) certification from ISACA is a leading credential for professionals who manage, design, oversee, and assess an enterprise's information security. The CISM certification validates your expertise in the four key domains of information security, demonstrating that you have the knowledge and experience to bridge the gap between high-level business goals and effective, on-the-ground security implementation.

Learning Outcomes

Upon successful completion of this course, you will be able to:

Establish and maintain an information security governance framework aligned with business goals.
Manage information risk to an acceptable level based on a formal risk assessment process.
Develop and manage an information security program to implement the governance framework.
Oversee information security incident management to effectively respond to and recover from events.
Understand the relationship between information security and broader enterprise governance.
Be fully prepared to sit for and pass the CISM certification exam.

Ready to Lead Your Organization's Security?

Take our free skills assessment to see how well you understand information security management.

Take the Free Exam

Comprehensive Syllabus

Domain 1: Information Security Governance

Enterprise Governance and Information Security Strategy
Legal, Regulatory, and Contractual Requirements
Organizational Structure, Roles, and Responsibilities
Information Security Policies, Standards, and Procedures
Business Case Development and Performance Metrics (KPIs, KRIs)

Domain 2: Information Risk Management

Information Risk Identification and Assessment
Risk Response and Mitigation
Risk and Control Monitoring and Reporting
Threat and Vulnerability Evaluation
Integrating Risk Management into the Enterprise

Domain 3: Information Security Program Development and Management

Information Security Program Resources and Frameworks
Security Awareness, Training, and Education
Business Impact Analysis (BIA)
Security Controls Implementation and Integration
Program Metrics and Performance Measurement

Domain 4: Information Security Incident Management

Incident Response Plan Development and Maintenance
Incident Detection, Investigation, and Triage
Incident Containment, Eradication, and Recovery
Post-Incident Activities and Reporting
Business Continuity and Disaster Recovery Planning

Certification Exam

This training prepares you for the official ISACA Certified Information Security Manager (CISM) exam.

Exam Format: Multiple-choice questions.
Number of Questions: 150 questions.
Passing Score: Scaled score of 450 or higher (out of 800).
Duration: 4 hours.
Examining Body: ISACA.

Key Facts

AudienceInformation Security Managers, IT Directors, Security Consultants, Risk Officers, and experienced IT professionals aspiring to a management role in security.
PrerequisitesFive or more years of experience in information security management is required for certification (waivers are available).
Duration5 Days / 40 Contact Hours
FormatIn-Person & Live Online
Certification BodyISACA

Enroll or Inquire Now Download Course Catalogue