
How to become a Certified Information Security Manager (CISM)


First, what are the benefits of CISM certification?

  • Confirms your knowledge and experience
  • Quantifies and markets your expertise
  • Demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise
  • Is globally recognized as the mark of excellence for the IS audit professional
  • Combines the achievement of passing a comprehensive exam with recognition of work and educational experience, providing you with credibility in the marketplace.
  • Increases your value to your organization
  • Gives you a competitive advantage over peers when seeking job growth
  • Helps you achieve a high professional standard through ISACA’s requirements for continuing education and ethical conduct


The CISM certification process includes a 150-question multiple-choice exam that is scored using a 200-800 scaled scoring method. This allows performance comparisons to be made among candidates. 450 is a passing score, indicating that the individual meets a minimum consistent standard of knowledge set by the ISACA Certification Committee.

The exam covers four content areas:

  • Domain 1 – Information Security Governance (24%)
  • Domain 2 – Information Risk Management (30%)
  • Domain 3 – Information Security Program Development and Management (27%)
  • Domain 4 – Information Security Incident Management (19%)

To qualify for the exam, applicants must have five years of verified experience in the infosec field, with a minimum of three years of infosec management experience in three or more of the CISM content areas. Experience must be gained within a 10-year period preceding the application date or within five years from the date of passing the exam. Thinking of becoming a CISA? Read our other post here. 

To maintain CISM certification, individuals must sustain an adequate level of knowledge and proficiency in the field of information systems security management, complete 20 continuing professional education (CPE) hours annually and follow ISACA's Code of Professional Ethics. Are you ready to start your career in cybersecurity? Start by understanding the value of a cyber security professional. 


Shelsey Salgado
