GRC Solutions x Digital Trust Consulting. One partner for complete cyber resilience

CISM® – Certified Information Security Manager Qualification

Develop your career with a qualification in IT

If you’re looking to advance your career as an IT professional and build on your skillset, then professional certification is for you. Speak to one of our training experts for more information on our range of certification courses.

What is CISM?

The CISM (Certified Information Security Manager) qualification is an international professional certification offered by ISACA. The certification recognises an individual's ability to design, implement and manage an information security programme.

CISM is globally recognised as one of the most prestigious certifications for information security managers. CISM-certified professionals are in high demand and the certification can help you progress in your career and earn higher salaries.

CISM Classroom Training Course

Book your place on the CISM training course today

The CISM Training Course is designed to ensure that you pass the ISACA CISM examination at the first attempt.

Delivered in just four days, this course has been designed to maximise time effectiveness and reduce any unnecessary time away from the office.

Book now

Which is better: CISM or CISSP?

There is no simple answer to this question as it depends on many factors, including work experience, job roles and personal preferences. Some people may prefer the CISM qualification as it focuses on information security management, while others may prefer the CISSP qualification for its more general information security coverage.

How difficult is CISM?

While the CISM exam is not easy, it can be a manageable challenge with the right amount of preparation.

The CISM exam covers a lot of ground, testing your knowledge of information security program development and management, risk management and incident response.

With a comprehensive study plan and access to quality study materials, you can give yourself the best chance of passing the CISM exam.

Is CISM worth it?

CISM is definitely worth considering for information security professionals. Earning your CISM demonstrates your commitment to information security and makes you an attractive candidate for management-level positions.

What are the requirements for the CISM qualification?

The CISM certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.

ISACA defines four CISM job practice domains on which you will be examined:

  • Domain 1 – Information Security Governance (17% of exam)
  • Domain 2 – Information Security Risk Management (20% of exam)
  • Domain 3 – Information Security Program (33% of exam)
  • Domain 4 – Incident Management (30% of exam)

How do you pass the CISM exam at the first attempt?

We recommend the following actions:

  1. Check that you have the relevant five years of work experience to qualify.
  2. Book your training and exam here.
  3. Register and schedule your exam with ISACA.
  4. Plan a self-study programme that covers all the key knowledge domains.
  5. Attend our exam preparation training course 2 to 4 weeks before you sit the exam.

How to register for and schedule your CISM exam

The CISM exam is offered online or at a PSI exam centre all year round. All candidates must first register online directly with ISACA. They will then receive email instructions on how to schedule an exam appointment.

Does CISM expire?

CISM does not expire, but there is a CPE policy that aims to ensure that all CISMs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.

CISMs who successfully comply with the CPE policy will be better trained to assess information systems and technology and provide leadership and value to their organisations. The responsibility for setting the CPE requirements rests with the CISM Certification Board, which oversees the process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period.

Frequently asked questions (FAQs)

What is CISM?

CISM (Certified Information Security Manager) is a globally recognised certification for professionals who manage, design and oversee enterprise information security programmes. It’s issued by ISACA.

What is CISM in cyber security?

In cyber security, CISM validates your ability to align security strategy with business goals. It focuses on governance, risk management, programme development and incident response.

What does CISM stand for?

CISM stands for Certified Information Security Manager.

How do you get CISM certified?

To get CISM certified, you must:

  1. Pass the CISM exam.
  2. Have at least five years’ work experience in information security, with three in management.
  3. Apply to ISACA for certification.

How do you prepare for the CISM exam?

Preparation usually involves formal training courses, ISACA study guides, practice exams and hands-on experience in governance and risk management.

How do you register for the CISM exam?

You can register directly through the ISACA website. Exams are offered at authorised testing centres and via remote proctoring.

Is CISM hard?

Yes, the exam is challenging because it tests not only technical knowledge but also management-level decision-making. It requires preparation and practical experience.

Is CISM difficult compared to CISSP?

CISM is considered more management-focused, while CISSP is broader and includes more technical domains. Some professionals find CISSP harder, while others find CISM more challenging depending on their background.

Is CISM worth it?

Yes. CISM is highly valued for leadership and management roles in information security. It’s recognised worldwide and often linked to higher salaries and career advancement.

Is CISM a good certification?

CISM is an excellent certification if you are aiming for management, governance or risk-focused positions in information security. It’s particularly valuable for CISOs, risk managers and IT governance professionals.

Get in touch

If you are an IT professional looking to advance your career with the CISM qualification, call our training team on +44 (0)1474 556685, or request a call back using the form below. Our experts are ready and waiting with no-obligation advice and practical answers to your questions.

Contact us

Find the expert you need

If you need technical support, please contact us.

Fill in the form to request a callback