CISM - Certified Information Security Manager
This book incorporates the proven and successful approach taken by the authors in their other information security certification guides. The material is compiled and presented in a fashion that is conducive to assimilation of the essential knowledge. It eliminates the divergent, unnecessary, and unrelated material found in general information security texts, which tends to impede the learning process. This guide is focused on the critical information that ISACA has deemed appropriate for the CISM candidate to master and necessary to pass the CISM examination.
uCertify uses content from well-known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. Each course is full of interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic into one place so that the learner can learn efficiently without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt them while they are learning about that particular topic. This helps them grasp the concepts better because they can go over the material again right away, which improves learning. Learners can do Flashcards, Exercises, Quizzes and Labs related to each chapter. At the end of every lesson, uCertify courses guide the learners on the path they should follow.
The uCertify platform supports 50+ different types of interactive activities, such as connect-the-idea or try-it-yourself lab activities, embedded throughout its course. These interactive activities keep learners engaged and make learning fun.
Here's What You Get
Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident in the topic before proceeding. Flashcards help master the key concepts while the Glossary defines the key terms.
Here's What You Will Learn
- Security Strategy
- Information Security Governance framework
- Integrating security governance into corporate governance
- Security Policies: standards, procedures, and guidelines
- Business cases to support investments
- Internal and external influences on information security strategy
- Management and other stakeholder commitment
- Roles and Responsibilities
- Measuring the effectiveness of the information security strategy
- Information asset classification
- Risk management, assessments, vulnerability assessments and threat analyses
- Risk treatment options
- Manage risk of noncompliance
- Information security controls
- Current and desired risk levels: Gap analysis
- Monitoring risk
- Alignment of IS program with information security strategy
- Information security manager's role and responsibilities in alignment
- Information security frameworks
- Information security architectures
- Evaluating the effectiveness and efficiency of the IS program
- Integrating the IS program with IT processes
- Integrating the IS program into contracts and activities of third parties
- Controls and countermeasures
- Security Program Metrics and Monitoring
- Organizational definition and severity hierarchy for security incidents
- Incident response plan
- Processes for timely identification
- Testing and review
- Investigating and documenting information security incidents
- Integration of incident response plan, disaster recovery plan and business continuity plan
Test Prep & Practice Questions
uCertify provides full-length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.
Here's What You Get
Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.
Each test can be taken an unlimited number of times until the learner feels they are prepared. Learners can review the test and read detailed remediation. Detailed test history is also available.
Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.
The CISM exam is a standalone certification from ISACA with the exam code CISM.
The certification is targeted at professionals who manage, design, oversee and assess an enterprise's information security. The CISM program is developed particularly for experienced information security managers and those who have information security management responsibilities. Individuals earning the CISM certification become part of a best peer network, attaining a one-of-a-kind credential. Those who hold this designation join a network of professionals known for their expertise in information security management, IT governance and risk management.
Prepare for the following certification
- Information Security Consultant
- Information Security Manager
- Senior Security Consultant
- Senior Security Analyst
- ISACA Member: USD 535
- ISACA Non-Member: USD 710
The net price for taking the CISM certification test is between US $415 and US $465 for ISACA members. For non-members, it is between US $545 and US $595. The net price does not include applicable taxes, vouchers, or promotions you may have.
ISACA has the following pre-requisites for CISM:
- Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM's knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
- Submit annual CPE maintenance fees to ISACA International Headquarters in full.
- Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
- Submit required documentation of CPE activities if selected for the annual audit.
- Comply with ISACA's Code of Professional Ethics.
(on a scale of 450-800)
For the CISM certification, ISACA's retake policy is:
- A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future exam administration.
- A candidate receiving a score of less than 450 is not considered to have passed and can retake the exam during any future exam administration. To assist with future study, the results letter each candidate receives will include a score analysis by content area. There are no limits to the number of times a candidate can take the exam.