Certified Information Security Manager (CISM)

Along with CISSP, CISM (Certified Information Security Manager) is another important certification for information and computer security professionals. The CISM certification is administered and awarded by ISACA (Information Systems Audit and Control Association). This certification is meant for those who manage, design and oversee the Information Security processes and systems in organizations. While preparing for the CISM exam, candidates will learn international security compliance and implementation methods and Information Security management concepts. The CISM certification is also listed as an approved certification by the US Department of Defense (DoD) for the Information Assurance Workforce Improvement Program.

The CISM Certification Test Details

Individuals who want to take this examination must pay between $410 and $710. Members and non-members of ISACA are charged differently, with non-members paying about $100 more for the examination than members. Members who register online well ahead of time and take advantage of the early bird offer pay only $410 to take the examination. The CISM exam consists of 200 multiple choice questions, and candidates are allotted four hours to complete the test. The examination can be taken in June and December every year. However, this year, interested candidates can also take the examination in September.

The CISM Certification Requirements

To become a successful CISM certified professional, you need to:

  • Obtain a passing grade in the CISM examination. To pass this examination, candidates must earn a scaled score of 450 or higher out of a maximum scaled score of 800.
  • Accept and adhere to the Code of Ethics developed by the ISACA that acts as a guide for professional and personal conduct.
  • Have a minimum of five years of work experience in the field of Information Security. You must also have at least three years of valid work experience in the Information Security management field. If you do not have the required work experience when taking the CISM exam, the certification will only be valid for five years. However, you can obtain the necessary work experience within five years of taking the exam to prevent the certification from being voided.
  • Follow up the certification with the continuing education program. You must earn and submit at least 20 contact hours of CPE every year and complete a minimum of 120 contact hours of CPE in a three-year period. There is a maintenance fee for the continuing education policy.
  • Submit the completed application for CISM certification once you have obtained the necessary work experience and completed the examination successfully.

To learn more about the CISM program, contact Ashford Global IT today!

About this author:


Frank is a leading trainer in IT Security.
