CISM Certification Course

CISM to boost Security Profile

Certified Information Security Manager (CISM) is a globally recognized certification issued by the Information Systems Audit and Control Association (ISACA). Earning CISM certification gives new opportunities for career-oriented security professionals who need to demonstrate their skills as information security professionals.

Certified CISM Certification professionals will earn the salary nearly between $52,402 to $243,610. With its raising demand in global market it’s said nearly more than 27,000 IT professionals are taking the certification every year.

Achieving your CISM certification exam is intended to demonstrate the applicant’s performance in creating, designing, and managing organizations’ information security programs. The CISM certification gives you expertise skills in information security governance, risk management, program development and incident management.

To earn CISM certification the candidates need to expertise their skills in the following four domains

  • Information Security Governance (24%)
  • Information Risk Management (30%)
  • Information Security Program Development and Management (27%)
  • Information Security Incident Management (19%)

Where all these modules in various disciplines in the field of information security proves the potential skills of CISM Certified candidates

Exam Details

Format – 150 Multiple Choice Questions
Pass – 450 marks
Time – 240 Minutes
Test Method – Test Center
Language – English, Japanese, Chinese, Spanish


  • Minimum 5 years’ experience in Information Security Management
  • Minimum 2 years’ substitute Experience is available based on work experience

Target Audience

  • Professionals involved in Information Security Management & Risk Management.


CISM Certifications are valid for 3 years and the candidates need to update their CPE hours throughout these 3 years to fit ISACA requirements to maintain CISM.

The candidates must get 20 hours CPE per year and 120 hours CPE for 3 years. Failure to maintain the CPE hours will result in certificate revocation.

Analytic Figures

  • 45k certification Holders
  • $115k Avg Salary
  • 42% hike in salary in managerial roles


Information Security Governance

  • Lesson 1: Information Security Governance Overview
  • Lesson 2: Effective Information Security Governance
  • Lesson 3: Information Security Concepts and Technologies
  • Lesson 4: Information Security Manager
  • Lesson 5: Scope and Charter of Information Security Governance
  • Lesson 6: Information Security Governance Metrics
  • Lesson 7: Information Security Strategy Overview
  • Lesson 8: Creating Information Security Strategy
  • Lesson 9: Determining Current State of Security
  • Lesson 10: Information Security Strategy Development
  • Lesson 11: Strategy Resources
  • Lesson 12: Strategy Constraints
  • Lesson 13: Action Plan to Implement Strategy

Information Risk Management

  • Lesson 1: Risk Management Overview
  • Lesson 2: Good Information Security Risk Management
  • Lesson 3: Information Security Risk Management Concepts
  • Lesson 4: Implementing Risk Management
  • Lesson 5: Risk Assessment
  • Lesson 6: Controls Countermeasures
  • Lesson 7: Recovery Time Objectives
  • Lesson 8: Risk Monitoring and Communication

Information Security Program Development

  • Lesson 1: Development of Information Security Program
  • Lesson 2: Information Security Program Objectives
  • Lesson 3: Information Security Program Development Concepts Part1
  • Lesson 4: Scope and Charter of Information Security Program Development
  • Lesson 5: Information Security Management Framework
  • Lesson 6: Information Security Framework Components
  • Lesson 7: Information Security Program Resources
  • Lesson 8: Implementing an Information Security Program
  • Lesson 9: Information Infrastructure and Architecture
  • Lesson 10: Information Security Program
  • Lesson 11: Security Program Services and Operational Activities

Information Security Incident Management

  • Lesson 1: Incident Management Overview Part1
  • Lesson 2: Incident Response Procedures Part1
  • Lesson 3: Incident Management Organization
  • Lesson 4: Incident Management Resources
  • Lesson 5: Incident Management Objectives
  • Lesson 6: Incident Management Metrics and Indicators
  • Lesson 7: Current State of Incident Response Capability
  • Lesson 8: Developing an Incident Response Plan
  • Lesson 9: BCP/DRP
  • Lesson 10: Testing Response and Recovery Plans