How to become a CISM

How to Become a Certified Information Security Manager (CISM)

How to Become a Certified Information Security Manager (CISM) 864 486 CyberVista now N2K

The following information is a guide for those people who are interested in finding out how to become a Certified Information Security Manager (CISM). The CISM certification is an option that is a part of the ISACA (Information Systems Audit and Control Association) offerings.

In order for you to obtain CISM certification you must complete the following steps.

Step 1: Pass the CISM Exam

The CISM exam is a computer-based exam consisting of 150 multiple-choice questions. You have 4 hours to complete the exam, and scores are calculated on a 200–800 point scale. To pass, you must score at least 450 points. If you are an ISACA member, taking the exam will cost you $575. Non-members will have to pay $760. The exam covers four domains of security knowledge:

  • Information Security Governance (24%)
  • Information Risk Management (30%)
  • Information Security Program Management and Development (27%)
  • Information Security Incident Management (19%)

To ensure your success on the exam, consider purchasing a CISM exam prep course. Practice exams and e-Learning products can go a long way toward helping you pass.

Step 2: Comply with the Code of Professional Ethics

ISACA has developed a Code of Professional Ethics designed to guide the conduct of association members and certificants. If you fail to comply, ISACA may investigate your conduct, which could lead to disciplinary measures.

Step 3: Participate in the Continued Professional Education (CPE) Program

This entails paying a maintenance fee and keeping a minimum of 20 contact hours of CPE annually. Additionally, candidates must also ensure they complete a minimum of 120 contact hours over a period of 3 years to keep in compliance with ISACA requirements.

Step 4: Meet the Minimum Experience Requirement

You must submit verified evidence that you have worked a minimum of five years in the field of information security, with a minimum of three years in information security management in at least three of the job practice analysis areas. You can learn more about the work experience requirement on the ISACA website.

Step 5: Submit Application to ISACA

The final step in your certification process is submitting your application. You can do that online at the ISACA website. You must pay a $50 application processing fee before submitting your application.

Posted by: Troy McMillan