CISM Training Course

While there are no prerequisites to attend this training course, please be aware that this is an exam preparation course and all attendees are expected to have a basic understanding of the CISM job practice knowledge domains.

This course is designed for individuals developing a career in IT, as well as IT security directors and managers, auditors and consultants. CISM certification will also benefit CIOs (chief information officers), CISOs (chief information security officers), CEOs and CFOs (chief financial officers).

Four days.

Our classroom and Live Online courses provide the opportunity for you to interact with a live instructor. Our self-paced online training courses are recorded versions of our live courses, which you can stop and start to fit your learning needs, and have no opportunity to interact with a live instructor.

You can find out everything you need to know about booking and managing your courses online here.

Once you pass the exam, you have five years to submit your certification application. You must pay an application processing fee, adhere to ISACA’s Code of Professional Ethics and CPE (Continuing Professional Education) Policy by maintaining your knowledge and proficiency, and demonstrate the required minimum work experience. You can find out more about CISM certification on the ISACA website.

The CISM exam comprises 150 multiple-choice questions and lasts 4 hours. ISACA uses a scaled scoring system. The minimum score is 200 and the maximum is 800. To pass the exam, you must get a score of 450 or higher.

The application processing fee is currently US$20. You can pay it to ISACA here.

The CISSP and CISM complement each other rather than competing, so it is almost impossible to assess their comparative difficulty. If you are trying to decide which certification to pursue, you should consider what you want it for rather than which one is ‘harder’. CISM is solely management focused; the CISSP is about implementing, operating and maintaining secure information systems, so has broader professional application.

CISM covers information security governance, information risk management, information security programme development and management, and information security incident management. As such, it is suitable for any information security, information systems audit or IT governance professional.

To maintain your CISM certification you must earn and report a minimum of 120 CPE hours over a 3-year period, of which at least 20 hours must be earned each year. You must also pay an annual maintenance fee, comply with ISACA’s Code of Professional Ethics and, if selected, comply with an annual CPE audit. See the ISACA website for more details.

Yes. You can take the CISM exam in person at one of 1,300 locations around the world, or online with remote proctoring. You can find more information about the CISM exam on the ISACA website.