CISM (Certified Information Security Manager) training

CISM – one of the most requested (and best paying) certifications in information security

In this 4-day CISM training you will learn about an internationally recognized standard based on the CISM Body of Knowledge. The 4 CISM domains are extensively covered during the training and tested during the CISM exam, i.e.:

Domain 1 - Information Security Governance
Domain 2 - Information Security Risk Management
Domain 3 - Information Security Program
Domain 4 - Incident Management

The CISM training (and certification) focuses on the strategic side of information security and its relationship with business goals. This CISM training is more than just an exam training. Practical cases and getting started with CISM also play an important role in this training. During the training, the 4 CISM domains are covered in detail. For example, you will learn how to align information security with your organization's strategy and current laws and regulations. You will learn to think in terms of risks and you will learn how to limit these risks (such as security incidents) as much as possible for your organization. Become CISM certified and you will be able to assess risks, implement effective governance, and proactively respond to incidents.

What does ISACA's CISM title stand for?

CISM stands for Certified Information Security Manager and is a title of ISACA. CISM is internationally recognized as the most complete and comprehensive information security certification. The CISM training (and certification) is important to gain knowledge about management, organization, risk management, and change management techniques. Since its inception in 2002, more than 48,000 professionals worldwide have achieved the CISM title. CISM is now one of the most requested and one of the best paying certifications in information security!

For whom is the CISM certification important?

The CISM training is particularly important for (future) information security managers who want to obtain the globally recognized CISM title, as well as for professionals such as risk managers, CISOs, CIOs, information architects, IT auditors, and many other professionals who deal with the strategic side of information security. Take your expertise in information security to the next level and become CISM certified!

Language of communication

The language of communication during the CISM training is English. The CISM training is also organized in the Dutch language, please have a look at our Dutch website for the dates.

CISM certification requirements

The certification requirements that have been set for obtaining the CISM title are:

• You must have at least 5 years of work experience in information security in at least 3 CISM domains
• If you have a CISA or CISSP certification or a Bachelor in an information security related field, then 3 years of relevant work experience is sufficient
• You must subscribe and adhere to the ISACA Code of Professional Ethics

If you do not (yet) meet these requirements, you can become a CISM associate.

About the CISM exam

The CISM exam is a multiple-choice exam. You will have to answer 150 questions in a relatively short time (4 hours). The exam is taken by means of Computer-Based Testing (CBT) at a test center affiliated with ISACA. The costs of the CISM exam are determined by ISACA.

Exam success guarantee

In the unlikely event that you do not pass the CISM exam the first time, you can attend the CISM training again, free of charge (within one year)!

CISM recertification/CPE credits

The CISM title is a 3-year title. To continue your CISM title, you must obtain 120 CPE credits in 3 years.

Educational materials

To prepare for the training you will receive the official ISACA CISM Review Manual and access to the CISM Questions & Answers database.

About ISACA

ISACA (Information Systems Audit and Control Association) is an international professional, non profit association focused on IT, assurance, security, and governance. ISACA has more than 170,000 members in 188 countries and 225 chapters worldwide. ISACA issues multiple titles, including CISM, CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CGEIT (Certified in the Governance of Enterprise IT), Cybersecurity Fundamentals, and CDPSE (Certified Data Privacy Solutions engineers).

CISM vs CISSP, CISA, CRISC and Cybersecurity Fundamentals

There are 2 globally recognized leaders in the field of (cyber)security certifications, namely:
ISACA and (ISC)2. The top certification of (ISC)2 is CISSP (Certified Information Systems Security Professional). ISACA offers 4 (cyber)security certifications: CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control) and Cybersecurity Fundamentals. You can obtain all these certifications with us. The main difference between the certifications is:

• CISSP focuses on the operational side of information security and its technical aspects
• CISM focuses on the strategic side of information security and its relationship with business goals
• CISA is aimed at IT professionals who (want to) work in governance and audit-related roles
• CRISC is specifically aimed at professionals who (will) work in IT risk management at the enterprise level
• Cybersecurity Fundamentals is fully focused on technical security knowledge and skills and is therefore an extensive preparation/addition to the CISM certification