Security Manager (CISM) Certification is an audit professional certification
sponsored by the Information Systems Audit and Control Association (ISACA). A
CISM Certification is offered to professionals who prove their exceptional
skill and judgment in the IS audit, control and security profession in the CISM

CISM Exam Eligibility

Candidates for the CISM
certification must adhere to ISACA’s Code of Professional Ethics, and submit
evidence of five years’ work experience in the field of information security.
Work experience must be gained within the 10-year period preceding the
application date for certification or within five years from the date of
initially passing the exam. Three of the five years of work experience must be
gained performing the role of an information security manager.
The CISM Exam is offered twice a year, in June and December. The CISM Exam
consists of 200 multiple-choice questions and lasts four hours.
Candidates are tested on the grounds of four functional areas of information

CISM Exam Syllabus

security governance – 24%
risk management and compliance – 33%
security program development and management – 25%