CISM - Certified Information Security Manager

(WGU-CISM) / ISBN : 978-1-61691-857-6
Lessons
TestPrep
52 Reviews
Get A Free Trial

Skills You’ll Get

The CISM exam is a standalone certification from ISACA with the exam code CISM.

The certification is targeted at professionals who manage designs, oversees and assesses an enterprise's information security. The CISM program is developed particularly for experienced information security managers and those who have information security management responsibilities. Individuals earning the CISM certification become part of a best peer network, attaining a one-of-a-kind credential. Those who hold this designation join a network of professionals known for their expertise in information security management, IT governance and risk management.

1

Information Security Governance

  • Security Strategy
  • Information Security Governance framework
  • Integrating security governance into corporate governance
  • Security Policies: standards, procedures, and guidelines
  • Business cases to support investments
  • Internal and external influences on information security strategy
  • Management and other stakeholder commitment
  • Roles and Responsibilities
  • Measuring the effectiveness of the information security strategy
2

Information Risk Management and Compliance

  • Information asset classification
  • Risk management, assessments, vulnerability assessments and threat analyses
  • Risk treatment options
  • Manage risk of noncompliance
  • Information security controls
  • Current and desired risk levels: Gap analysis
  • Monitoring risk
3

Information Security Program Development and Management

  • Alignment of IS program with information security strategy
  • Information security manager's role and responsibilities in alignment
  • Information security frameworks
  • Information security architectures
  • Evaluating the effectiveness and efficiency of the IS program
  • Integrating the IS program with IT processes
  • Integrating the IS program into contracts and activities of third parties
  • Controls and countermeasures
  • Security Program Metrics and Monitoring
4

Information Security Incident Management

  • Organizational definition and severity hierarchy for security incidents
  • Incident response plan
  • Processes for timely identification
  • Testing and review
  • Investigating and documenting information security incidents
  • Integration of incident response plan, disaster recovery plan and business continuity plan
5

ITPROTV Video Tutorials

  • Introduction
  • Information Security Governance
  • Information Risk Management and Compliance
  • Information Security Program Development and Management
  • Information Security Incident Management
6

Video Tutorials

  • Introduction
  • Information Security Threats, Management, And Protection
  • Security Compliance And Strategy
  • Business Functions And Policies
  • Security Standards, Activities, And Strategy Development
  • Information Security Governance Framework
  • Regulatory Requirements And Liability Management
  • Business Case, Budgetary Reporting Methods And Planning Strategy
  • Organizational Drivers And Their Impacts
  • Commitment To Info Security
  • Management Roles And Responsibilities
  • Reporting And Communicating
  • Risks Assessment
  • Information: Classification, Ownership, And Resource Valuation
  • Baseline And BIAs
  • Risk: Countermeasures, Mitigation Strategies, And Life Cycle
  • Risk: Management And Reporting
  • Information Security Strategies And Programs
  • Security Technologies, Cryptography, And Access Controls
  • Monitoring Tools, Security Programs And Controls
  • Business Assurance Function And SLAs
  • Resources, Services, And Skills
  • Security Architecture, Model, And Deployment
  • Info Security: Policies, Awareness And Training Programs
  • Documentation
  • Organizational Processes
  • Contracts, Joint Ventures, Business Partners And Customers
  • Third Parties, Suppliers, And Subcontractors
  • Info Security Metrics
  • Goals And Methods Of Evaluating Info Security Controls
  • Vulnerability
  • Assessment Tools And Tracking Info Security Awareness Training And Education Programs
  • Evaluation And Management Metrics
  • Data Collection, Reviews, And Measurement
  • Assurance Providers, Line Management, Budgeting, And Staff Management
  • Facilities And Program Resources
  • Security Policy, Administrative Processes, And Procedures
  • Access Control, Access Security Policy Principles, And Identity Management
  • Authentication, Remote Access And User Registration
  • Procurement And Enforcing Policy Standard and Compliance
  • Third Party Relationships
  • SLAs, SDLC, And Security Enforcement
  • Maintenance, Monitoring, And Configuration Management
  • Maintaining Info Security And Due Diligence Activities
  • Info Access, Security Advice, Guidance, And Awareness
  • Stakeholders
  • Testing Info Security Control
  • Noncompliance Issues And Security Baselines
  • Incident Response And Continuity Of Operations
  • Disaster Recovery And Business Continuity Plan
  • Incident Management And Response Plan
  • Processes, Requirements, And Plans
  • Incident Response, Disaster Recovery And Business Continuity Plans
  • Forensics Procedures And Incident Review Process
  • Conclusion

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

  • ISACA Member: USD 535
  • ISACA Non-Member: USD 710

The net price for taking CISM certification test is between (US $415-US $465) for ISACA members. For the non-members, it is between (US $545- US $595). Net price does not include applicable taxes, vouchers, promotions you may have. Click here to get information on exam fees.

The CISM is administered by ISACA itself at testing centers worldwide. Click here to find a testing center near you.

The exam consists of liner and multiple choice questions.

ISACA has the following pre-requisites for CISM:

  • Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM's knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
  • Submit annual CPE maintenance fees to ISACA International Headquarters in full.
  • Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
  • Submit required documentation of CPE activities if selected for the annual audit.
  • Comply with ISACA's Code of Professional Ethics.

The exam contains 200 questions.

240 minutes

450

(on a scale of 450-800)

CISM certification, ISACA's retake policy is:

  • A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future exam administration.
  • A candidate receiving a score of less than 450 has is not considered to be passed and can retake the exam during any future exam administration. To assist with future study, the results letter each candidate receives will include a score analysis by content area. There are no limits to the number of times a candidate can take the exam.

CISM certification expires after three years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.

CISM - Certified Information Security Manager

$139.99

Buy Now

Related Courses

All Course
scroll to top