ISACA

CISM - Certified Information Security Manager

(WGU-CISM) / ISBN : 978-1-61691-857-6

Lessons

TestPrep

52 Reviews

Get A Free Trial

This course includes:

Free pre-assessment and first 2 lessons

6+ Interactive Lessons

377+ Videos | 01:37+ Hours

Accessible on mobile and tablet too

Certificate of completion

$139.99

Buy Now

Are you an instructor?

Access detailed information about the course content, learning objectives, activities, and assessments before adding it to your curriculum.

Skills You’ll Get

The CISM exam is a standalone certification from ISACA with the exam code CISM.

The certification is targeted at professionals who manage designs, oversees and assesses an enterprise's information security. The CISM program is developed particularly for experienced information security managers and those who have information security management responsibilities. Individuals earning the CISM certification become part of a best peer network, attaining a one-of-a-kind credential. Those who hold this designation join a network of professionals known for their expertise in information security management, IT governance and risk management.

Interactive Lessons

6+ Interactive Lessons | 115+ Quizzes | 107+ Flashcards | 107+ Glossary of terms

Gamified TestPrep

15+ Pre Assessment Questions | 3+ Full Length Tests | 150+ Post Assessment Questions | 450+ Practice Test Questions

Video Lessons

377+ Videos | 01:37+ Hours

Download Course Outline

Information Security Governance

Security Strategy
Information Security Governance framework
Integrating security governance into corporate governance
Security Policies: standards, procedures, and guidelines
Business cases to support investments
Internal and external influences on information security strategy
Management and other stakeholder commitment
Roles and Responsibilities
Measuring the effectiveness of the information security strategy

Information Risk Management and Compliance

Information asset classification
Risk management, assessments, vulnerability assessments and threat analyses
Risk treatment options
Manage risk of noncompliance
Information security controls
Current and desired risk levels: Gap analysis
Monitoring risk

Information Security Program Development and Management

Alignment of IS program with information security strategy
Information security manager's role and responsibilities in alignment
Information security frameworks
Information security architectures
Evaluating the effectiveness and efficiency of the IS program
Integrating the IS program with IT processes
Integrating the IS program into contracts and activities of third parties
Controls and countermeasures
Security Program Metrics and Monitoring

Information Security Incident Management

Organizational definition and severity hierarchy for security incidents
Incident response plan
Processes for timely identification
Testing and review
Investigating and documenting information security incidents
Integration of incident response plan, disaster recovery plan and business continuity plan

ITPROTV Video Tutorials

Introduction
Information Security Governance
Information Risk Management and Compliance
Information Security Program Development and Management
Information Security Incident Management

Video Tutorials

Introduction
Information Security Threats, Management, And Protection
Security Compliance And Strategy
Business Functions And Policies
Security Standards, Activities, And Strategy Development
Information Security Governance Framework
Regulatory Requirements And Liability Management
Business Case, Budgetary Reporting Methods And Planning Strategy
Organizational Drivers And Their Impacts
Commitment To Info Security
Management Roles And Responsibilities
Reporting And Communicating
Risks Assessment
Information: Classification, Ownership, And Resource Valuation
Baseline And BIAs
Risk: Countermeasures, Mitigation Strategies, And Life Cycle
Risk: Management And Reporting
Information Security Strategies And Programs
Security Technologies, Cryptography, And Access Controls
Monitoring Tools, Security Programs And Controls
Business Assurance Function And SLAs
Resources, Services, And Skills
Security Architecture, Model, And Deployment
Info Security: Policies, Awareness And Training Programs
Documentation
Organizational Processes
Contracts, Joint Ventures, Business Partners And Customers
Third Parties, Suppliers, And Subcontractors
Info Security Metrics
Goals And Methods Of Evaluating Info Security Controls
Vulnerability
Assessment Tools And Tracking Info Security Awareness Training And Education Programs
Evaluation And Management Metrics
Data Collection, Reviews, And Measurement
Assurance Providers, Line Management, Budgeting, And Staff Management
Facilities And Program Resources
Security Policy, Administrative Processes, And Procedures
Access Control, Access Security Policy Principles, And Identity Management
Authentication, Remote Access And User Registration
Procurement And Enforcing Policy Standard and Compliance
Third Party Relationships
SLAs, SDLC, And Security Enforcement
Maintenance, Monitoring, And Configuration Management
Maintaining Info Security And Due Diligence Activities
Info Access, Security Advice, Guidance, And Awareness
Stakeholders
Testing Info Security Control
Noncompliance Issues And Security Baselines
Incident Response And Continuity Of Operations
Disaster Recovery And Business Continuity Plan
Incident Management And Response Plan
Processes, Requirements, And Plans
Incident Response, Disaster Recovery And Business Continuity Plans
Forensics Procedures And Incident Review Process
Conclusion

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

ISACA Member: USD 535
ISACA Non-Member: USD 710

The net price for taking CISM certification test is between (US $415-US $465) for ISACA members. For the non-members, it is between (US $545- US $595). Net price does not include applicable taxes, vouchers, promotions you may have. Click here to get information on exam fees.

The CISM is administered by ISACA itself at testing centers worldwide. Click here to find a testing center near you.

The exam consists of liner and multiple choice questions.

ISACA has the following pre-requisites for CISM:

Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM's knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
Submit annual CPE maintenance fees to ISACA International Headquarters in full.
Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
Submit required documentation of CPE activities if selected for the annual audit.
Comply with ISACA's Code of Professional Ethics.

The exam contains 200 questions.

240 minutes

450

(on a scale of 450-800)

CISM certification, ISACA's retake policy is:

A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future exam administration.
A candidate receiving a score of less than 450 has is not considered to be passed and can retake the exam during any future exam administration. To assist with future study, the results letter each candidate receives will include a score analysis by content area. There are no limits to the number of times a candidate can take the exam.

CISM certification expires after three years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.

Know more about the CISM