Certified Information Security Manager

What Does Certified Information Security Manager Mean?

Certified Information Security Manager (CISM) is a vendor-neutral security management certification granted by ISACA. This advanced certification provides employers and business partners with documentation that the certificate holder has the work experience and knowledge to manage an organization’s information and communication technology (ICT).

The exam for this certification is multiple-choice, has 150 questions and takes four hours to complete. Candidates for this advanced certification are encouraged to have a college degree or successfully complete an information security bootcamp before taking the exam, which evaluates knowledge in the following areas:

Techopedia Explains Certified Information Security Manager

ISACA’s Certified Information Security Manager (CISM) certification is intended for information technology professionals who have work experience in security and want to move into a managerial role.

While both CISSP and CISM certifications are geared toward information security professionals, CISM is often considered to be a more advanced certification because it requires the candidate to demonstrate their knowledge of cybersecurity best practices from an international, business point of view.

CISM certification is valid for five years if the recipient does the following:

  • Completes a minimum of 120 hours of continuing education within a three-year period, with a minimum of 20 hours of continuing professional education each year.
  • Submits verification of three or more years of work experience in infosec management within five years of passing the exam. At least one year’s work has to focus on security management, one year has to focus on risk management and one year has to focus on information security program development.
  • Honors ISACA’s annual maintenance fees.

CISM certifications verify the certificate owner’s working knowledge of risk management, incident management, program development and information governance.

|   | CISSP | CISM |
|---|---|---|
| Length of Exam | 3 hours/100-150 items | 4 hours/150 questions |
| Passing Score | 700 out of 1,000 | 450 or higher |
| Exam Fee | U.S. $749 | Members: U.S. $575; Nonmembers: U.S. $760 |
| ISACA Membership | N/A | U.S. $135 |
| Annual Fee | U.S. $125 | Members: U.S. $45; Nonmembers: U.S. $85 |
| Required Continuing Professional Education (CPE) Credits | 120 credits over 3 years; minimum of 40 credits per year | 120 hours over 3 years; minimum of 20 credits per year |


Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…