A Certified Information Security Manager (CISM) course is offered by the Information Systems Audit and Control Association (ISACA). This course enhances an individual’s expertise and knowledge of how information security programs and processes tie in with broader business targets. This certification is proof that a candidate has applied experience in developing, implementing and managing security programs for the information generation processes in an enterprise.
This certification is particularly useful for individuals who have considerable hands-on experience in dealing with the development and management processes of information security programs. It covers a total of four domains and is an ideal course for students and professionals alike. At the base of it, this is a professional audit certification. Professionals who are dealing with or want to venture into information security audit and control programs will benefit from this course.
CISM certification validates a professional’s commitment to understanding and integrating technical competence, business processes, and strategic targets. Given how valuable it is, it is not hard to understand why companies are clamoring to hire people with this certification.
New threats and vulnerabilities are emerging every day. This is shifting the focus of information security from protection to prediction. As companies look to tighten information security while predicting threats, their biggest risk comes not from outside but from inside: a lack of professionals skilled to handle the shift.
CISM certification stands out over other courses by ISACA because it is more management-oriented. It was introduced to promote international security practices while managing an enterprise’s information security programs.
There is no set of rules that dictates whether you should get this certification or not. There are stringent testing criteria and heavy work experience requirements. Before you delve into the world of information security, you need to analyze whether you can spend a considerable period of your career in this field. This course is generally ideal for
To become a security manager, there are some CISM certification requirements. They are
The CISM exam is conducted twice a year, in June and December. The exam contains 200 multiple-choice and multiple-answer questions. The total duration of the exam is four hours. Candidates are generally tested in four different domains. To pass the exam, candidates need to earn a scaled score of 450 or higher. These four domains are
The percentages denote weightage in the exam. These weights and the domains themselves could be changed to keep abreast of the changing tides in information security. However, major changes that have a huge impact on taking the examination are rare.
The pass percentage for the CISM exam hovers between 40% and 60%. This pass percentage is average compared to the other exams in the same area. If someone comes from a background of information security, the pass percentage can be higher.
For those individuals who don’t have the experience of working in an information security role, the pass percentage would be slightly lower. So it would be incorrect to state objectively why the percentage is low.
CISM costs vary depending on whether you’re a member of ISACA or not. Apart from the $50 application fee, you can expect to pay anywhere between $415 and $595. If you’re not a member, then the early registration fee would be $545, while it would be $415 for members.
The final application fee for members would be $465 and $595 for non-members of ISACA. After you’ve cleared the exam, you have to pay a continuing education fee as well, in line with their CPE policy.
The life of a CISM certification is 3 years. You’re expected to earn 20 continuing professional education hours the year you complete your exam. By the end of 3 years, you’re expected to show 120 continuing professional education hours to qualify for the renewal of your certification. After showing that minimum experience, you have to pay a fee, and your certificate gets renewed. These credit hours must be completed in a job where you can apply the principles of your certification directly.
As a CISM professional, you would be recognized for your ability, technical competence, and knowledge of how to integrate business objectives with the information security requirements in an enterprise. It is easy to stride ahead with this certification because of its global recognition.
Because of the time and financial investment required, completing this certification shows commitment to the course. This certification, along with ISACA membership, will add value to your professional network through idea exchange, thus opening up new job avenues for you.
Some roles that CISM professionals can get into are
Apart from this, there are a lot of positions open for professionals at each level of management. There is no dearth of job opportunities for them. Case in point: in 2018, more than 8500 jobs were posted that needed CISM qualification. The salary for CISM professionals in various capacities ranges from $75000 to $243000. However, the average salary (1) is about $150000.
ISACA has access to a lot of online practice guides, study materials, practice questions, mock exams, and other material required to do well in the exam. Apart from that, there are a lot of other third parties who provide practice studies for the exam.