CISM - Certified Information Security Manager

• 100% Exam Coverage • Interactive E-Book • Pre-Assessment Test • 565 Practice Questions with Full Explanations • 115 Interactive Quizzes • Chapter by Chapter Study Guide & Notes • Articles, How Tos, Tips, Flash Cards • Test History and Performance Review and Powerful Analytics • Study Planner • Continuously Updated

The ISACA CISM certification is an industry recognized credential. The certification is proof of a person's competence across a spectrum of skills to design, build and manage enterprise information security. uCertify’s guaranteed certification prep for CISM is comprehensive and helps you not only earn your certification in the shortest time possible, but to also gain the knowledge required on the job. Here’s what to expect from your uCertify prepkit

Prepare for the following certification

The CISM exam is a standalone certification from ISACA with the exam code CISM.

The certification is targeted at professionals who manage designs, oversees and assesses an enterprise's information security. The CISM program is developed particularly for experienced information security managers and those who have information security management responsibilities. Individuals earning the CISM certification become part of a best peer network, attaining a one-of-a-kind credential. Those who hold this designation join a network of professionals known for their expertise in information security management, IT governance and risk management.

Skills Measured

  • Understand information security governance
  • Manage the risk related information
  • Develop the information security program
  • Manage the information security program
  • Responding to incident management

Related Certifications

CISM Course Duration

This is a self-paced, independent study program, so there are no minimum or maximum restrictions placed by uCertify. The amount of time you will take depends on your existing knowledge of the area and related experience, as well as your availability. We recommend at least 2-3 weeks if you have a reasonable amount of knowledge to design, build and manage enterprise information security and work experience.

Related Exams

CISM Course/Exam Objectives

  • Chapter 1: Information Security Governance
    • Security Strategy
    • Information Security Governance framework
    • Integrating security governance into corporate governance
    • Security Policies: standards, procedures, and guidelines
    • Business cases to support investments
    • Internal and external influences on information security strategy
    • Management and other stakeholder commitment
    • Roles and Responsibilities
    • Measuring the effectiveness of the information security strategy
  • Chapter 2: Information Risk Management and Compliance
    • Information asset classification
    • Risk management, assessments, vulnerability assessments and threat analyses
    • Risk treatment options
    • Manage risk of noncompliance
    • Information security controls
    • Current and desired risk levels: Gap analysis
    • Monitoring risk
  • Chapter 3: Information Security Program Development and Management
    • Alignment of IS program with information security strategy
    • Information security manager's role and responsibilities in alignment
    • Information security frameworks
    • Information security architectures
    • Evaluating the effectiveness and efficiency of the IS program
    • Integrating the IS program with IT processes
    • Integrating the IS program into contracts and activities of third parties
    • Controls and countermeasures
    • Security Program Metrics and Monitoring
  • Chapter 4: Information Security Incident Management
    • Organizational definition and severity hierarchy for security incidents
    • Incident response plan
    • Processes for timely identification
    • Testing and review
    • Investigating and documenting information security incidents
    • Integration of incident response plan, disaster recovery plan and business continuity plan

Career Prospects

An ISACA's CISM Certified Professional has several career opportunities open up to them, including:

  • Information Security Consultant
  • Information Security Manager
  • Senior Security Consultant
  • Senior Security Analyst


What certificate do I earn on passing the vendor certification?
If you pass ISACA's CISM exam you will get credit towards the following certification:
What is the exam registration fee?
  • ISACA Member: USD 535
  • ISACA Non-Member: USD 710

The net price for taking CISM certification test is between (US $415-US $465) for ISACA members. For the non-members, it is between (US $545- US $595). Net price does not include applicable taxes, vouchers, promotions you may have. Click here to get information on exam fees.

Where do I take the exam?
The CISM is administered by ISACA itself at testing centers worldwide. Click here to find a testing center near you.
What is the format of the exam?
The exam consists of liner and multiple choice questions.
What is the Pre-requisites of the exam?

ISACA has the following pre-requisites for CISM:

  • Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM's knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
  • Submit annual CPE maintenance fees to ISACA International Headquarters in full.
  • Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
  • Submit required documentation of CPE activities if selected for the annual audit.
  • Comply with ISACA's Code of Professional Ethics.
How many questions are asked on the exam?
The exam contains 200 questions.
What is the duration of the exam?
240 minutes
What is the passing score?

(on a scale of 450-800)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the CISM certification, ISACA’s retake policy is:

  • A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future exam administration.
  • A candidate receiving a score of less than 450 has is not considered to be passed and can retake the exam during any future exam administration. To assist with future study, the results letter each candidate receives will include a score analysis by content area. There are no limits to the number of times a candidate can take the exam.
What is the validity of the certification?
CISM certification expires after three years from date of issue, after which the certification holder will need to renew their certification. Click here for more information.
Where can I find more information on this exam?
CISM Course Includes Free Buy
Chapters 1 4
Practice Tests 1 3
Total Questions (inc. quizzes) 15 565
Interactive Quizzes 0 115
Final Test No Yes