ISACA Certified Information Security Manager® (CISM®)

One of the most sought-after courses we offer at Firebrand, our accelerated Certified Information Security Manager certification course teaches you to manage, design, oversee, and assess Enterprise Information Security, helping you become competent, confident, and certified in just 4 days.

Achieving CISM certification attests to your knowledge of information security programmes and their role in meeting business goals and objectives.

Through Firebrand's unique Lecture | Lab | Review method, you'll go through the four ISACA CISM Domains and retain information faster.

You will learn all about:

• Information Security Governance
• Information Risk Management and Compliance
• Certified Information Security Program Development and Management
• Information Security Incident Management

Achieve your CISM certification with an ISACA Accredited Training Organisation (ATO)

At Firebrand, we are proud to be an ISACA Accredited Training Organisation (ATO). While training with us, you'll get access to official ISACA courseware, be taught by certified ISACA instructors, and sit your CISM exam on the last day of your course, covered by our Certification Guarantee.

As a Premier ISACA Partner for EMEA and the US, we train more students in these regions than any other partner!

How can you take the CISM course?

We offer three study mode options with the same Firebrand quality.

You can take the accelerated CISM course at our distraction-free training facilities in the UK and Europe, online, through live instructor-led training, or in the centre of London and Manchester.

Regardless of study mode, all our courses include:

• Official courseware, labs and practice exams
• The official CISM certification exam
• For residential courses, accommodations, meals, and snacks

Who should take this course?

ISACA CISM training is ideal for Network Architects, Information Security Managers, and anyone responsible for Information Security at their company.

This in-depth certification course helps you become an expert across the four CISM Domains:

• Domain 1 - Information Security Governance (24%)
• Domain 2 - Information Risk Management and Compliance (33%)
• Domain 3 - Information Security Program Development and Management (25%)
• Domain 4 - Information Security Incident Management (18%)

There are no formal prerequisites for attending the CISM course and sitting the exam. In fact, this is a practice accepted and encouraged by ISACA.

Achieving CISM

In order to become CISM certified, you must meet the following requirements:

• Pass the CISM exam
• Adhere to ISACA's Code of Professional Ethics
• Agree to comply with the Continuing Education Policy
• Accumulate enough work experience in the field of information security.
• Submit an Application for CISM Certification within 5 years of passing the exam - see below

CISM prerequisites

The CISM certification is built for information security professionals, managers and other assurance providers. In order to be eligible, you must be able to submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practise analysis areas. The work experience must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam.

CISM experience requirements

If you have any of the below, you can get 1 to 2 years waivered and will only need to prove 3-4 years of experience.

You can get 2 years waivered if you have:

• ISACA Certified Information Systems Auditor (CISA) in good standing
• ISC2 Certified Information Systems Security Professional (CISSP) in good standing
• Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

You can get 1 year waivered if you have:

• One full year of information systems management experience
• One full year of general security management experience
• Skill-based security certifications (e.g., SANS or GIAC, Microsoft Certified Solutions Expert (MCSE), CompTIA Security +, Disaster, Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
• Completion of an information security management program at an institution aligned with the Model Curriculum

The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.

Experience Exceptions

Two years as a full-time university instructor teaching the management of information security can be substituted for every 1 year of information security experience.

You'll sit the official CISM exam at the Firebrand Training Centre, covered by your Certification Guarantee:

• Duration: 4 hours
• Number of questions: 150 multiple choice
• Languages: English, Chinese Simplified, Japanese, Korean and Spanish

The exam tests knowledge in the following domains:

• Domain 1 - Information Security Governance (24%)
• Domain 2 - Information Risk Management (30%)
• Domain 3 - Information Security Program Development and Management (27%)
• Domain 4 - Information Security Incident Management (19%)