CISM Certification: Certified Information Security Manager

ISACA Elite Featured Training Partner

2,447 Learners

CISM Certification Course Overview

You will acquire the requisite skills to design, deploy, and manage security architecture for your organization with this CISM certification training from Simplilearn. This course is aligned with ISACA best practices. Today, enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification.

Exam Pass Guarantee
Simplilearn offers an Exam Pass Guarantee* to students who complete our course training. We also provide a voucher (free of charge) to our students so they can retake the exam in case they fail the CISM Certification final exam on the first try.
100% Money Back Guarantee
No questions asked refund*

At Simplilearn, we value the trust of our patrons immensely. But, if you feel that a course does not meet your expectations, we offer a 7-day money-back guarantee. Just send us a refund request via email within 7 days of purchase and we will refund 100% of your payment, no questions asked!

CISM Certification Key Features

  • ISACA Kit included
  • Official CISM® Review Questions & Explanations Database
  • 16 CPE’s offered
  • ISACA Accredited Instructors
  • Official Review manual from ISACA
  • 8X higher interaction in live online classes conducted by industry experts
  • ISACA Kit included
  • ISACA Accredited Instructors
  • Official CISM® Review Questions & Explanations Database
  • Official Review manual from ISACA
  • 16 CPE’s offered
  • 8X higher interaction in live online classes conducted by industry experts
  • ISACA Kit included
  • ISACA Accredited Instructors
  • Official CISM® Review Questions & Explanations Database
  • Official Review manual from ISACA
  • 16 CPE’s offered
  • 8X higher interaction in live online classes conducted by industry experts

Skills Covered

  • Information Security Governance
  • Information Security Program
  • Design Security Architecture
  • Enterprise IT Frameworks
  • Information Security Risk Management
  • Incident Management
  • Knowledge of ISACA Domains
  • Information Security Governance
  • Information Security Risk Management
  • Information Security Program
  • Incident Management
  • Design Security Architecture
  • Knowledge of ISACA Domains
  • Enterprise IT Frameworks
  • Information Security Governance
  • Information Security Risk Management
  • Information Security Program
  • Incident Management
  • Design Security Architecture
  • Knowledge of ISACA Domains
  • Enterprise IT Frameworks

Begin your journey to success

Get lifetime access to self-paced e-learning content

Benefits

CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for security consultants and managers, IT directors and managers, security auditors and architects, security system engineers, CISOs, information security managers, and risk officers.

  • Designation
  • Annual Salary
  • Hiring Companies

Training Options

online Bootcamp

  • 90 days of flexible access to online classes
  • Lifetime access to high-quality self-paced elearning content and live class recordings
  • 24x7 learner assistance and support
  • Cohorts starting from:-
4th May: Weekend Class

Program Fee as low as :

$ 2,299

View all cohorts

CISM Certification Course Curriculum

Eligibility

CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for security consultants and managers, IT directors and managers, security auditors and architects, security system engineers, CISOs, information security managers, IT consultants, and risk officers.

To be eligible to take the CISM exam, you must meet the following requirements:

Successful completion of the CISM Exam

Certification application within the five-year window post-exam

Accumulation of 5 years of experience in the Information Security Management field

Eligibility criteria for job roles under IS audit, control, assurance, or security experience can be found here

Experience required within 3 out of the 4 domain 

All applicable experience must fall within the past 10 years of the application

A minimum of 3 years of experience is required in three out of the four CISM job practice areas.

General Information Security Experience Waiver (optional) 
Overall experience in information security (up to a maximum of 2 years).

Substitutions for CISM Work Experience (Optional) - Only 1 may be applied and documentation required. Click here for more details
Read More

Pre-requisites


Work experience verification requires independent confirmation from a person with whom you collaborated
- Manager
- Supervisor
- Colleague 
- Client
Verifiers cannot be:
- Immediate or extended family 
- Human Resources Department
Read More

Course Content

  • Certified Information Security Manager (CISM®)

    Preview
    • Lesson 01: Course Introduction

      05:15Preview
      • 1.01 Welcome to Certified Information Security Manager Course
        00:27
      • 1.02 Certification Overview
        01:12
      • 1.03 Skills Covered
        03:36
    • Lesson 02: Information Security Governance: Enterprise Governance

      36:37Preview
      • 2.01 Organizational Culture
        03:24
      • 2.02 Governance vs. Management
        04:51
      • 2.03 Legal Regulatory and Contractual Requirements
        06:24
      • 2.04 Data Security Frameworks
        10:39
      • 2.05 Data States
        03:10
      • 2.06 Organizational Structures Roles and Responsibilities
        08:09
    • Lesson 03: Information Security Governance: Information Security Strategy

      47:34Preview
      • 3.01 Information Security Strategy Development
        02:38
      • 3.02 Information Governance Frameworks and Standards
        03:04
      • 3.03 Strategic Planning
        06:17
      • 3.04 SWOT Analysis
        03:20
      • 3.05 Opex and Capex
        01:49
      • 3.06 KGI's KPI's and KRI's
        03:48
      • 3.07 CIA Triad
        05:00
      • 3.08 Designing security into software
        04:54
      • 3.09 US Data Privacy Laws
        07:13
      • 3.10 GDPR
        09:31
    • Lesson 04: Information Security Risk Management Information Security: Risk Assessment

      35:55Preview
      • 4.01 Emerging Risk and Threat Landscape
        02:55
      • 4.02 Risk Identification
        03:33
      • 4.03 Risk Management
        05:05
      • 4.04 Vulnerability and Control Deficiency Analysis
        03:29
      • 4.05 Risk Assessment and Analysis
        07:03
      • 4.06 COBIT
        04:35
      • 4.07 Attackers and Phishing
        04:38
      • 4.08 ISO 27001
        04:37
    • Lesson 05: Information Security Risk Management Information Security: Risk Response

      09:21
      • 5.01 Risk Treatment and Response
        04:13
      • 5.02 Risk and Control Ownership
        02:44
      • 5.03 Risk Monitoring and Reporting
        02:24
    • Lesson 06: Information Security Program Information Security: Program Development

      14:48Preview
      • 6.01 Information Security Program Resources
        03:42
      • 6.02 Information Asset Identification and Classification
        04:39
      • 6.03 Information Security Policies Procedures and Guidelines
        02:46
      • 6.04 Information Security Program Metrics
        03:41
    • Lesson 07: Information Security Program Information Security: Program Management

      32:29Preview
      • 7.01 Information Security Control Design and Selection
        04:26
      • 7.02 Information Security Control Implementation and Integrations
        02:46
      • 7.03 Information Security Control Testing and Evaluation
        02:07
      • 7.04 Information Security Awareness and Training
        02:23
      • 7.05 Management of External Services
        01:35
      • 7.06 Information Security Program Communications and Reporting
        02:07
      • 7.07 Introduction to Access Control
        02:50
      • 7.08 Authentication and Authorization
        02:28
      • 7.09 Introduction to Cryptography
        02:33
      • 7.10 Overview of Encryption
        02:36
      • 7.11 Hashing
        02:23
      • 7.12 Social Engineering Attacks
        04:15
    • Lesson 08: Incident Management: Incident Management Readiness

      20:27Preview
      • 8.01 Incident Management Plan
        03:34
      • 8.02 Business Impact Analysis (BIA)
        02:45
      • 8.03 Business Continuity Plan (BCP)
        03:13
      • 8.04 Disaster Recovery Plan (DRP)
        04:19
      • 8.05 Incident Classification and Categorization
        01:53
      • 8.06 Incident Management Training and Testing
        04:43
    • Lesson 09: Incident Management: Incident Management Operations

      16:18
      • 9.01 Incident Management Tools and Techniques
        03:02
      • 9.02 Incident Containment Methods
        03:28
      • 9.03 Incident Response Communications
        04:05
      • 9.04 Incident Eradication and Recovery
        02:51
      • 9.05 Post incident Review Practices
        02:52

CISM Certification Course Advisor

  • Dean Pompilio

    Dean Pompilio

    Technical Trainer, Owner- Steppingstonesolutions Inc

    Mr.Pompilio has been an IT Professional since 1989. He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM. His passion is to help IT professionals achieve their training goals and career growth.

prevNext

CISM Course Exam & Certification

CISM Certification: Certified Information Security Manager
  • How do you become a CISM certified professional?

    To become CISM certified, you must meet the following requirements:

    • Successful completion of the CISM examination
    • Adherence to the ISACA Code of Professional Ethics
    • Agree to comply with the Continuing Education Policy
    • Five years of work experience in the field of information security, three of which must be as an information security manager. Work experience must be gained in three of the four CISM domains. All information must be verified independently by employers.
    • Submit an application for CISM certification Training within five years from the date of initially passing the exam

     
    For additional information on how to become a certified CISM professional and to understand the CISM certification requirements, please visit:
    https://support.isaca.org/s/article/What-are-the-requirements-to-become-CISA-certified

    *Exam Pass Guarantee: Except for Indian Subcontinent, and Africa.
    Simplilearn offers Exam Pass Guarantee to our students who complete our course training. We offer a voucher (free of charge) to the students to retake the exam in case they fail ISACA CISM final exam.

    T&C for claiming the retake voucher as a part of the exam pass guarantee:

    • Attend at least one complete instructor-led class
    • Must give final exam within 30 days from the date of course completion
    • Produce exam failure notice received from ISACA

  • What are the prerequisites for CISM certification?

    To become a CISM certified professional, you need to fulfill the following criteria:
    • A completed application must be submitted within 5 years from the date of initially passing the examination.
    • All experience must be verified independently with employers.
    • This experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination.
    • Three (3) years of the five (5) years of work experience must be gained performing the role of an information security manager
    • In addition, this work experience must be broad and gained in three (3) of the four (4) CISM® domains

  • What do I need to do to unlock my certificate?

    Online Self-learning
    • Complete 85% of the Online Self Learning Content
    • Complete one simulation test with a minimum score of 60%

    Online Classroom:

    • Attend 1 complete Live Class batch or Complete 85% of the Online Self Learning Content
    • Complete one simulation test with a minimum score of 60%

  • Do you provide any practice tests as part of this course?

    Yes, we provide 1 practice test as part of our course to help you prepare for the actual certification exam. You can try this Free CISM Exam Prep Practice Test to understand the type of tests that are part of the course curriculum. 

  • Are there any domains I should prioritize when studying for the CISM exam?

    While comprehensive preparation across all four CISM domains is essential for success, understanding their relative weightage can guide strategic study efforts.
     

    According to the ISACA CISM Exam Outline, the approximate weightage for each domain is as follows:

    Domains

    Average Weight

    1. Information Security Governance 17%
    2. Information Security Risk Management 20%
    3. Information Security Program 33%
    4. Incident Management 30%
    Total 100%

    However, it's crucial to remember:

    • Weightage can vary slightly from exam to exam.
    • Neglecting domains with lower weightage could still lead to missed questions and a lower score.
    • Exam questions often integrate concepts from multiple domains, requiring a holistic understanding.

CISM Certification Training Reviews

  • Peter Bartow

    Peter Bartow

    Sr Project Manager IT PMO

    I enjoyed taking the class with so many people from all over the world. The course was elaborate and easy to comprehend.

  • Tejaswa Rastogi

    Tejaswa Rastogi

    The course encapsulates the offensive approach, which is good, and there is much to learn.

  • Hussein Ali AL-Assaad

    Hussein Ali AL-Assaad

    IT Manager at O&G Engineering

    Simplilearn has been a great learning experience. The trainer is extremely knowledgeable. The full team is very helpful and flexible. I recommend Simplilearn to my friends and families.

prevNext

Why Online Bootcamp

  • Develop skills for real career growthCutting-edge curriculum designed in guidance with industry and academia to develop job-ready skills
  • Learn from experts active in their field, not out-of-touch trainersLeading practitioners who bring current best practices and case studies to sessions that fit into your work schedule.
  • Learn by working on real-world problemsCapstone projects involving real world data sets with virtual labs for hands-on learning
  • Structured guidance ensuring learning never stops24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts

CISM Certification’s Related FAQs

  • You offer an exam pass guarantee. How does it work?

    *Free exam retake terms and conditions:

    Terms and Conditions: 
    Simplilearn offers Exam Pass Guarantee to our students who complete our course training. Simplilearn uses top learning methodologies to equip learners with the knowledge and confidence to pass the CISM exam in the first attempt. If you do not pass the CISM exam at the first attempt, Simplilearn will provide you one free exam retake.


    To ensure your success, we strongly recommend that you take the CISM exam within a week of the course completion date—or a maximum of 45 days from the completion of the online training. This way, the course materials will be fresh in your mind.

    Exam Attempts:

    Attempt

    Time Frame

    Result

    Free Exam Retake

    First

    Within 6 months (180 days) from enrollment date

    Did Not Pass

    Yes

    Exam Pass Guarantee:
    If you do not pass the exam on the first attempt, Simplilearn will provide you one free exam retake.  You must submit a copy of your scorecard.  

    Terms and Conditions for qualifying:

    This money-back guarantee applies only to Simplilearn’s CISM blended learning. The guarantee is valid only for participants who have paid the entire enrollment fee.

    The guarantee becomes void if:

    • Participants do not take the CISM examination within 45 days of unlocking the certificate.
    • Participants do not maintain 100% attendance during the training sessions.
    • Participants fail to book their exam within 6 months from the date of enrollment 
    • Participants do not follow the instructions of the trainer and do not complete the exercises given during the training.
    • Participants do not submit the required documents to Simplilearn.
    • Participants failed to request a refund within 15 days of receiving their results 

  • What is the CISM certification cost?

    The CISM certification cost is USD 575 for ISACA members and USD 760 for non-ISACA members.

  • What is the structure of the CISM certification exam?

    ISACA uses and reports scores on a common scale of 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You must achieve a score of 450 or higher to pass the CISM exam.

  • What certification will I receive after completing the training?

    After successful completion of the training, you will be awarded the course completion certificate along with the 16 CPE certificate from Simplilearn.

  • When & where are the CISM exams conducted?

    CISM exam is conducted thrice in a year in the months of July, September and December. To find the exam locations & dates go to (www.isaca.org/certification/pages/exam-locations.aspx)

  • Can I defer my CISM certification exam?

    If you are unable to take the exam, you can request a deferral of your registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit http://www.isaca.org/certification/pages/exam-deferral.aspx.

  • Do you provide assistance for the exam application process?

    Yes, we do provide assistance for the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.

  • How does Simplilearn assure me that the training and course material delivered are effective?

    Our CISM course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.

  • Can I cancel my enrollment? Will I get a refund?

    Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.

  • I’d like to learn more about this training program. Who should I contact?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives will be able to give you more details.

  • What after CISM?

    Achieving a CISM certification offers you many career benefits. However, you shouldn’t stop upskilling yourself as the world of cybersecurity is quite dynamic. Here are some of the courses you can consider taking after becoming CISM certified:

  • How do I get CISM certified?

    You need to pass the CISM certification exam to get certified. Additionally, you must have the relevant full-time work experience of at least five years in information security management and then submit the CISM Certification Application, including the application processing fee. 

  • What is a CISM certification?

    The CISM or the certified information security manager is a certification designed for information security and IT professionals who want to acquire and validate skills required for designing, maintaining, and deploying security architecture. For risk management to respond proactively to incidents, this certification focuses on every vital skill necessary for security management. 

    The cism certification covers four domains including information security risk management, information security governance, information security incident management, and information security program development and management. All these domains are covered to validate the skills and knowledge necessary for efficient and effective information security management. The cism certification holds special importance in government entities and large corporation bodies where maintaining information security is crucial.

  • Who is eligible for CISM?

    Although anyone with an interest in the information security management field will find the certified information security manager certification relevant, for becoming a CISM-certified professional it is essential to have at least five years of working experience in the field of information security or fulfilling similar roles. You can sit for the CISM exam without prior working experience in this field; however, for becoming a certified information security manager in CISM, work experience is mandatory. 

  • Benefits of having CISM certification

    When you successfully acquire a cism certification, you enjoy multiple advantages associated with it, such as:

    • Better Job Opportunities: The cism certification is your doorway to welcoming better job opportunities. After acquiring this certification, you can fulfill several important roles in an organization including information security manager, chief information security officer, IT security manager, IT security specialist, and many others. 
    • Increased Income Potential: Undoubtedly, after becoming a CISM-certified professional, your income potential increases. You can fulfill roles with higher salary packages and value.
    • Versatility: The cism certification welcomes versatility in your career. You can choose from a variety of job opportunities including in the fields of IT security, information systems security management, security administration, and many others. 
    • Skill Enhancement: CISM provides you with the opportunity to not only validate your existing skills but also learn new ones. The skill sets learned help in career advancement and increase your value in an organization.
    • Higher Organizational Value: CISM-certified professionals are highly valued throughout the industry. They are valued for their advanced knowledge and skill that helps organizations in enhancing their information security systems.

  • CISM certification requirements

    The list of CISM certification requirements is as follows:

    • The completion of a high school diploma or an undergraduate degree.
    • Submission of a completed application form within five years of passing the CISM exam.
    • Working experience gained within a 10-year period preceding the application date for the certification or within five years of passing the CISM exam. 
    • A minimum of three to five years of working experience, must have served the role of an information security manager or similar position. The experience gained must cover at least three out of four CISM domains. 
       

  • Is CISM right for me?

    The CISM or certified information security manager certification is right for you if you are willing to establish a rewarding career in the field of information security management. If it is your desire to fulfill higher, strategic, and managerial roles, earning the CISM certification is no less than a valuable asset. If you see the career of your future in the information security industry and want to occupy leadership positions in the same, CISM is definitely the best certification for you to obtain.

  • How to pass CISM Training in first attempt?

    The secret to passing the CISM training in the first attempt is good preparation. You can choose to pursue a CISM certification training from a reliable and accredited online platform like Simplilearn. The comprehensive training program takes you to the depth of CISM domains and follows a comprehensive study structure and practice through projects and real-world scenarios. The study materials and practice exams help you fully prepare for the CISM training exam and pass it on the first attempt with confidence.

  • What is the pass mark for CISM Certification?

    ISACA, the examining board uses a 200-800 point scale for calculating the marks; however, obtaining a minimum score of 450 or higher is mandatory to obtain the certification.

  • How long does CISM certification last?

    The CISM certification is valid for a period of three years. If you are a member of the ISACA, you will be required to pay a minimal fee of $45 for the annual maintenance of the certification. Non-members are required to pay a fee of $85 for annual maintenance. Once the validation of your certification is over, you must appeal for renewal and obtain the desired credit mandatory for the renewal process.

  • Why get a Cism certification?

    Not just one, there are several reasons why you should acquire a CISM certification, such as:

    • Welcomes Advancement in Career: Undoubtedly, the cism certification welcomes career advancement for information security professionals. Once certified, they are recognized in the industry as skilled information security professionals who are ideal for managerial and other leadership roles in the organization. This career advancement enhances credibility and also increases the income potential of a professional. 
    • Increases Organizational Value: There cannot be anything better than occupying a higher-level position in an organization. With the knowledge and skills gained throughout the learning process and obtaining the cism certification, your value in the organizationincreases, and you become the most suitable candidate for occupying higher, more important, skill-based positions. 
    • Your Skills and Knowledge are Enhanced: A CISM certification training is your gateway to learning new skills and obtaining more, in-depth knowledge about the four CISM domains. The new skillsets and in-depth knowledge make you more valuable in the competitive job industry. 
    • Increased Network Opportunities: Once you become a CISM-certified professional, you get global exposure, thus, giving rise to several new opportunities for collaborating, networking, and expanding your recognition. 
    • Your Income Potential is Higher: The CISM-certified exam is competitive, and once you pass this difficult examination, you become eligible for highly paid roles of greater responsibility and importance in an organization.

  • What are the career opinions after completing CISM Training?

    There are several career opportunities after acquiring the CISM certification. Find out the list of career options and their average annual earnings from the detailed table below:

    Job Roles

    Average Salary in India (per year)

    Average Salary in the USA (per year)

    Information Security Officer

    ₹ 12.0 Lakhs

    $99,878

    Chief Information Security Officer

    ₹ 36.4 Lakhs

    $2,23,269

    Senior IT Security Specialist

    ₹ 13.4 Lakhs

    $128,433

    Lead Security Analyst

    ₹ 15.4 Lakhs

    $93,167

    Senior Security Administrator

    ₹ 9.0 Lakhs

    $93,052 

    Information Security Manager

    ₹ 18.0 Lakhs

    $124,615 

  • CISM vs. CISSP

    The CISM and CISSP are both highly-valued and recognized certifications in the field of information security. Many professionals get confused between these two certifications and cannot decide which one is better for their career. Here is a brief distinction between CISM and CISSP:
     

    Specification

    CISM

    CISSP

    Main Focus

    The main focus of this certification is on information security systems management and its four domains, including risk management, incident management, program development, and governance. 

    The main focus of this certification is on the domains of network security, cyber security, cryptography, software development security, and so on. 

    Ideal For

    Professionals seeking managerial and leadership roles.

    Professionals seeking IT security roles.

    Required Work Experience 

    Minimum five years of working experience with expertise in three out of four domains of CISM.

    A minimum five years of full-time experience focusing on the eight domains of CISSP. 

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.