This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here

United Kingdom

Select your regional store:


The CISM Campus

Complete resources to ensure you achieve and maintain CISM certification.

Established in 2002, the Certified Information Security Manager (CISM) qualification is awarded by ISACA® and is a globally accepted standard of achievement among information security, IS audit and IT governance professionals.

IT Governance offers a complete range of products, including study guides and training, which are designed to help you pass the CISM examination at the first attempt.

Studying for your Certified Information Security Manager (CISM) examination

Our complete range of CISM study guides and training services:

The CISM certification is awarded to candidates with at least five years of relevant work experience, who pass a rigorous written examination.

ISACA defines four CISM domains on which you will be examined:

  • Domain 1 - Information Security Governance (24% of exam)
  • Domain 2 - Information Risk Management and Compliance (33% of exam)
  • Domain 3 - Information Security Program Development and Mgmt (25% of exam)
  • Domain 4 - Information Security Incident Management (18% of exam)

For more information, please see the official CISM 'How to Become Certified' web page.


How do you pass the CISM exam at the first attempt?

We recommend the following actions:

  1. Check that you have the relevant five years of work experience to qualify
  2. Register and book your June, September or December exam direct with ISACA
  3. Purchase the official ISACA study guides and third-party textbooks
  4. Plan a self-study programme that covers all of the key knowledge domains
  5. Attend an exam preparation training course a few days before you sit the exam


Certified Information Security Manager (CISM) Training Course

The Certified Information Security Manager (CISM) Training Course is designed to ensure that you pass the ISACA CISM examination at the first attempt. This four-day course runs at our UK training centres and offers the perfect revision and preparation for the CISM exam scheduled in June, September and December of each year.

Full details of this course, together with dates and venues, can be found on the CISM Training Course page.


CISM Exam information

  • Registration opens – 10 November 2015
  • Early registration deadline – 10 February 2016
  • Final registration deadline – 8 April 2016
  • Examination date – 11 June 2016


Exam centre locations and registration

Registration for the CISA exam must be done through the ISACA website, which also details all the locations of the exam centres. After registration and payment, candidates are sent the Candidate's Guide to the CISM Exam document which provides a detailed outline of the subject areas covered in the examination, a suggested list of reference materials to review, a glossary of acronyms commonly used and a sample copy of the answer sheet used for the exam.


Essential CISM books and study guides available from IT Governance

As preparation is the essential ingredient to passing the CISM examination, we strongly recommend that all delegates purchase the CISM exam and study guides before taking the relevant course. IT Governance is the exclusive approved reseller of ISACA publications in the UK and all titles are available from our dedicated ISACA Certification Bookstore.

We particularly recommend that you purchase the Official CISM Exam Passport package, which contains copies of the CISM Review Manual, 14th Edition and the CISM Review Questions, Answers and Explanations Manual, 8th Edition.


Continuing Professional Education

There is a Continuing Professional Education (CPE) policy in respect of qualified CISM professionals. The goal of this policy is to ensure that all CISMs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.

CISMs who successfully comply with the ‘continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organisations’. The responsibility for setting the CPE requirements rests with the CISM Certification Board which oversees the process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period. Please see the Maintain Your CISM page on ISACA’s website for further details.


CISM Review Manual 2014

CISM Review Manual 2015

Buy now


Information Security Qualifications: Fact Sheet

Download Now