ISACA Certified Information Security Manager (CISM®)
Training including examination and certification
.svg)
Machine Learning Engineer
Domain 1: Information Security Governance
- Overview of corporate governance
- Organizational culture, structures, roles and responsibilities
- Legal, regulatory and contractual requirements
- Information security strategy
- Framework conditions and standards for information security
- Strategic planning
Domain 2: Information Security Risk Management
- Risk and threat situation
- Analysis of weak points and control deficiencies
- Risk assessment, evaluation and analysis
- Response to information risks
- Risk monitoring, reporting and communication
Domain 3: Information Security Program
- Development and Resources for IS Programs
- IS Standards and Frameworks
- Defining an IS Program Roadmap
- IS Program Metrics
- IS Program Management
- IS Awareness and Training
- Integration of the security program into IT operations
- Program communication, reporting and performance management
Domain 4: Incident Management
- Overview of Incident Management and Incident Response
- Incident management and incident response plans
- Classification/categorization of incidents
- Measures, tools and technologies for incident management
- Investigation, assessment, containment and communication of incidents
- Elimination, recovery and verification of incidents
- Impact on Business and Business Continuity
- Disaster recovery planning
- Training, testing and evaluation
Requirements:
There is no formal admission for attending the course.
The requirements for official ISACA® certification are:
1. Passing the CISM® exam
- The exam can be taken without any work experience.
- Once you have passed the exam, you must apply for certification within 5 years.
2. proof of at least five years of professional experience in information security management
- This experience must have been gained within the last ten years before submitting the application or within five years of passing the examination.
3. coverage of at least three of the four CISM® domains
- The professional experience must include practical knowledge in at least three of the following four areas:
- Information Security Governance
- Information Security Risk Management
- Information Security Program
- Incident Management
4. verifiability of professional experience
- Work experience must be verified by a higher-level authority (e.g., supervisor the human resources department).
5. submission of the application for certification to ISACA®
- Online application or PDF form (depending on the case)
- Payment of an application fee, currently $50
6. Agreement to the ISACA® Code of Professional Ethics
- Obligation to comply with ethical standards in the exercise of the profession
7. compliance with Continuing Professional Education (CPE) requirements
- After certification: annual further training and proof of maintenance of the title
- Develop and manage a governance framework that aligns information security with business objectives
- Defining guidelines, responsibilities and control mechanisms within the framework of legal and regulatory requirements
- Identify, assess and prioritize information security risks based on threats, vulnerabilities and impacts
- Developing appropriate risk management strategies and establishing a continuous risk reporting and monitoring system
- Establish and implement a comprehensive information security program that includes policies, measures, awareness and metrics
- Integrating security processes into business operations and managing internal and external resources
- Develop and maintain an incident management process for the effective detection, reporting and handling of security incidents
- Conducting analysis, containment, recovery, and follow-up—including lessons learned and process optimization
Depending on your learning style, exam preparation requires at least 10–20 additional hours of study outside of class.
When you register for an ISACA exam, you have six months from the date of registration to schedule and take your exam. So be sure to reserve your exam date well in advance.
All other learning resources, such as QAE, online review courses, webinars, and virtual workshops, will also be available to you for 6 months from the date of redemption. You will retain access to the official review manuals indefinitely.
Exam format:
- 150 multiple-choice questions
- Duration: 4 hours (240 minutes)
- Implementation: Online with remote proctoring or in an authorized test center
- Language: Available in multiple languages (you select the language when you register for the exam.)
- Aids: none
The course is aimed at information security professionals with at least five years of professional experience - at least three of which must be in a senior security role.
This course is ideal for CISOs, CSOs, security managers, and IT and compliance professionals who want to take the next step in their leadership careers. CISM® certification enhances your credibility when interacting with stakeholders, colleagues regulatory authorities—both internally and externally.
.svg)
