Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM)

Manage information security programs and become a strategic asset to enterprise leadership

Certified Information Security Manager (CISM)


ISACA’s Certified Information Security Manager (CISM) certification is for those with technical expertise and experience in IS/IT security and control and wants to make the move from team player to manager. CISM can add credibility and confidence to your interactions with internal and external stakeholders, peers and regulators.

Delivery format: Classroom, Virtual-Led & Self-Paced Online
Certification: Certified Information Security Manager (CISM) 

The ISACA Certified Information Security Manager (CISM)certification is one of the most important and prestigious InfoSec qualifications in the world today. CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice.

This 4-day course provides an intense environment in which participants can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. In the process the course provides outstanding preparation for the CISM exam.

Types of risk may vary, but with its key role as an agent of innovation, technology has become the most critical risk factor for today’s enterprises. Since, conducting a risk assessment is not something a typical information technology education includes, many IT professionals are lacking in knowledge that businesses increasingly deem imperative to determining their future success.

The Certified Information Security Manager course is structured to follow the four Job Practice Areas as set out in the current CISM Review Manual. The course comprehensively covers each of the core competencies and associated task and knowledge statements, thereby ensuring thorough preparation for the CISM exam. The fundamental thrust of the examination is on understanding the concepts, not on memorising facts.  As a result, the course will be presented in an interactive manner to ensure the underlying concepts are understood and examination questions can be analysed properly to achieve the correct answer.

The Certified in Risk and Information Systems Control (CRISC) designation is designed for IT risk, control and compliance practitioners, business analysts, project managers and other resected professionals. The highly respected certification demonstrates to employers that the holder is able to identify and evaluate IT risk, and help their enterprise accomplish its business objectives. CRISC has received over 15 global recognitions.

Learning Objectives

The first step to becoming CISM certified is to take and pass the CISM certification exam, consisting of 150 questions covering 4 job practice domains:

  • Information Security Governance – Affirms the expertise to establish and/or maintain an information security governance framework (and supporting processes) to ensure that the information security strategy is aligned with organizational goals and objectives. Domain 1 confirms your ability to develop and oversee an information security governance framework to guide activities that support the information security strategy.
  • Managing Information Risk – proficiency in this key realm denotes advanced ability to manage information risk to an acceptable level, in accordance with organizational risk appetite, while facilitating the attainment of organizational goals and objectives. Domain 2 demonstrates expertise in classifying information assets to ensure measures taken to protect those assets are proportional to their business value
  • Developing and Managing an Information Security Program – establishes ability to develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning with business goals. Domain 3 attests to ability to ensure the information security program adds value while supporting operational objectives of other business functions (human resources, accounting, procurement, IT, etc.)

Information Security Incident Management – validates capacity to plan, establish and manage detection, investigation, response and recovery from information security incidents in order to minimize business impact. Domain 4 establishes your skills in accurately classifying and categorizing information security incidents and developing plans to ensure timely and effective response.

Target Audience

Designed for those who manage, design, oversee and assess an enterprise’s information security function.

ISACA’s Certified Information Security Manager (CISM) certification is for those with technical expertise and experience in IS/IT security and control and wants to make the move from team player to manager. CISM can add credibility and confidence to your interactions with internal and external stakeholders, peers and regulators.

Exam Structure

All ISACA certification exams consist of 150 multiple choice questions that cover the respective job practice areas created from the most recent job practice analysis. Candidates have up to 4 hours (240 minutes) to complete the exam.



There are no reviews yet.

Be the first to review “Certified Information Security Manager (CISM)”

Your email address will not be published. Required fields are marked *

Event Details

Cybiant offer the following learning options for this course:

Self-Paced-Online Learning - 3 months access
If your a choosing the Self-Paced-Online (SPO) learning option, you will complete the course on your own time, in your own pace. Cybiant will provide you with access to an online learning environment where you can watch videos, and practice with sample questions. The SPO option provides access for 3 months, and includes the official exam.

Virtual Training - 2x2hours per day
If you are choosing the virtual training learning option, you will participate in a live course by a Cybiant instructor, which is delivered 100% online. You will receive meeting invitations to participate in the live lectures through the Zoom platform. There will be 2 x 2-hour sessions per day, so this option does provide you with flexibility to plan some other work. All sessions are recorded, in case you miss any of the session. All virtual training courses include the official examination, which will be taken online on the last day of class.

Classroom Training - full day
If you are choosing the classroom training option, you will participate in this training in a live class in a 5-star hotel. This training option provides you with the opportunity to discuss topics in detail with other course participants, and learn from their experience. You will be trained by one of our Cybiant experts, and will complete the exam on the last day of class. Training is conducted daily, based on the following time schedule:

Start time: 09:00 UTC+08

End time: 17:00 UTC+08

Includes Examination

Unless otherwise specified, all courses include official examination

Expert Trainers

All Cybiant trainers are experts in their knowledge domain

14 Days Evaluation

Is your e-learning not what you expected? You get your money back.


Go to Top