Skip to main content

Certified Information Security Manager (CISM®) course

Pass the CISM® exam on the first attempt

About

Pass the CISM® exam on the first attempt

With a growing demand for people with Information Security (IS) Management skills, CISM has become a leading international IS certification designed for those who manage, design, oversee or assess an organisation’s information security. With a growing demand for people with Information Security (IS) Management skills, achieving CISM status will provide you with wider recognition in the marketplace, as well as increased influence at the executive level. Launched in 2002, CISM is internationally recognised and held by over 45,000 IT professionals worldwide.

The CISM Exam Preparation course is an on-demand four-day instructor-led classroom session that provides a comprehensive revision programme for the key job practice knowledge domains and exam preparation exercises designed to ensure that delegates pass the exam on the first attempt. The course provides intensive revision for the challenging CISM exam, moving you closer to achieving the known benefits of CISM certification such as higher earning potential and career advancement.

“The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.” (ISACA)

  • Length: 4 days
  • Level: Advanced
CISM Exam Prep agenda

CISM core curriculum

This course provides the core CISM competencies required by professionals planning to sit the CISM exam and prepares you for the exam systematically and comprehensively. The program mirrors the examination structure and covers the four CISM job practice domains:

  • Domain 1: Information Security Governance (17%)
  • Domain 2: Information Security Risk Management (20%)
  • Domain 3: Information Security Program (33%)
  • Domain 4: Incident Management (30%)

The percentages indicate the emphasis of questions on the exam paper. During the course, you will cover the following aspects for each Domain:

  • Definition
  • Objectives
  • Task and knowledge statements
  • Practice exam questions

The study program includes:

  • An initial CISM knowledge assessment
  • Classroom presentations of key topics
  • Individual/team exercises and discussion sessions
  • Final exam preparation with example practice questions

Who should attend?

  • CSOs, CISOs and CIOs
  • Security professionals with front-line experience
  • Security auditors
  • Information security staff
  • Compliance personnel
  • Information security managers
  • Information security assurance providers
  • Risk managers
Team meeting in Asseco Poland S.A.

The CISM exam

To earn a CISM certification, candidates must pass the CISM test with a score of at least 450 (out of a possible 800) and have at least five years of professional experience in information security and IT security management, assurance, or control. The previous experience requirement must have been within the last ten years preceding the application date for certification.

The CISM examination runs a multiple-choice format and consists of a long, 4-hour session (240 minutes) with 150 questions. The examination tests the candidate’s knowledge of Information System Security, Information Security, Information Security Management principles and practices, as well as technical content areas.

ISACA uses and reports scores on a common scale from 200 to 800.
  • A candidate must receive a score of 450 or higher to pass.
  • A score of 800 represents a perfect score with all questions answered correctly.
  • A score of 200 represents the lowest score possible and signifies only a small number of questions were answered correctly.

CISM Exam

The exam is not taken during this training course. Exam session needs to be booked directly using the ISACA website. My personal training experience shows that delegates have the highest chance of success if they sit the exam approximately two to four weeks after completing the training course.

Contact me (trainer) directly using below form

    Your Name and Surname (required)

    Your Email (required)

    Subject (required)

    Your Message (required)

     

    ISACA certifications recognized by the U.S. Department of Defence; DoD Directive 8140 (8570)

    CISA® credentials were recognized in DoD Directive 8140 (8570) for:

    • Information Assurance Technical (IAT) Level III
    • Cyber Security Service Provider (CSSP) Auditor

    CISM® credentials were recognized in DoD Directive 8140 (8570):

    • Information Assurance Management (IAM) Level II & III
    • Cyber Security Service Provider (CSSP) Manager

    Department of Defense (DoD) – United States Department of Defense – a federal agency of the United States responsible for coordinating and overseeing government agencies and functions related to national security and the armed forces. The Department of Defense coordinates the work of three branches:

    • Department of the Army (U.S. Army), responsible for land forces
    • Department of the Navy (U.S. Navy), responsible for naval forces
    • Department of the Air Force (U.S. Air Force), responsible for air forces

    Seal of the United States Department of the Army

    Seal of the United States Department of the Navy

    Seal of the United States Department of the Air Forces

    Additional materials

    null

    Exam Simulator

    After 20 years in IT, and more than 10 years since I passed the CISM® exam, I’ve decided to give something back to the community. I hope you will find this free exam simulator valuable when studying for the CISM® exam.
    Simulator
    null

    Review Manual

    A copy of the current CISM® Review Manual is essential (in theory) for any exam candidate. Unless you already have your copy, you can purchase the CISM® Review Manual on the official ISACA CISM website.
    ISACA store
    null

    CISM® QAE

    The “Questions, Answers & Explanations (QAE) Manual” was publicly available a few years ago (definitely, when I was taking the CISM® exam). Its purpose was to guide and assist question writers, making them more skilled in writing exam questions.
    CISM QAE
    null

    The ISACA Glossary

    People taking the ISACA exam are generally quite experienced, so it may sound like a joke or an easy way to “fill the gaps” on the website, so UX design is better 🙂

    However, believe me, after passing more than 200 exams, I can say that each organization/certification body has its “flavours” and sometimes slightly different definitions of common topics. So it’s valuable to at least take a glimpse at a glossary once.

    ISACA Glossary

    Mind map

    For self-learning

    Mind Map

    Testimonials

    I can recommend Mirek for both his great devotion and passion to his instructor work, and professional and technical knowledge related to all aspects (...)

    Jacek Jackowski
    Jacek Jackowski ★ SCJP 5
    IT System Designer at Polkomtel Sp. z o.o.

    At last week I went through training conducted by Miroslaw. Training topics were related to Scrum. I am impressed by the Miroslaw's knowleage and (...)

    Robert Zieliński
    Robert Zieliński ★ PMP
    Business Development Manager at Arvato Services Poland

    Świetnie przeprowadzone szkolenie ITIL, oparte na żywych przykładach i rozwiązaniach a nie tylko na twardych regułkach umożliwiło mi dużo szybsze (...)

    Jakub Ochwat
    Jakub Ochwat ★ ITIL
    Key Account Manager w IT Punkt

    The training with Miroslaw it was a pleasure. His knowledge is very good and it is not only "book knowledge" but with many real life examples. He has (...)

    Krzysztof Maryniak
    Krzysztof Maryniak ★ PRINCE2, ITIL
    IT Manager at Hellmann Worldwide Logistics

    Odwaga w podejmowaniu wyzwań i umiejętność pracy w ciężkich warunkach a w szczególności pod ogromną presją czasu.

    Paweł Leszczuk
    Paweł Leszczuk ★ PRINCE2
    Director of Wind Power Department at ENERIA

    Świetne szkolenie odpowiednio przygotowujące do egzaminu z PRINCE2. Bardzo dobre materiały, oraz sposób wykładania tematu. Zdecydowanie najmocniejszym (...)

    Maciej Bartłomiejczyk
    Maciej Bartłomiejczyk ★ PRINCE2
    Senior Java Software Engineer at HEUTHES sp. z o.o.

    Uczestniczyłem w szkoleniach prowadzonych przez Mirosława. Szeroką i szczegółową wiedzę popartą doświadczeniem Mirek przekazał w przystępny i (...)

    Artur Klimek
    Artur Klimek
    Low-level IT Manager w Izbie Administracji Skarbowej w Opolu

    I participated in an 80-hour Java programming course led by Mirosław, and I wholeheartedly recommend him as an outstanding trainer. Mirosław possesses (...)

    Amadeusz Szewczyk
    Amadeusz Szewczyk
    🇪🇺 EU Funds Expert | Project Manager

    Mirek has great knowledge on topics that he is teaching. Trainings are well prepared both in materials and real life examples. If you have possibility (...)

    Maciej Mordaka
    Maciej Mordaka ★ PMP, PRINCE2, P3O, ITIL, PSM-I
    Team Manager at Atos

    This course is part of our ISACA Examination Preparation Programme which designed to provide an intensive and complete preparation to help delegates pass the CISA, CISM, CGEIT or CRISC exams.

    Subscribe To Our Newsletter

    Subscribe To Our Newsletter

    Join our mailing list to receive the latest news and updates from our team.

    GDPR EN

    You have Successfully Subscribed!

    Administratorem danych, które tu wpisujesz będzie Mirosław Dąbrowski, ul. Czorsztyńska 10A/9, 01-410 Warszawa; NIP: PL8442144929. Dane będą przetwarzane w celu marketingu bezpośredniego naszych produktów i usług. Podstawą prawną przetwarzania jest uzasadniony interes Administratora. Masz m.in. prawo do żądania dostępu do danych, sprostowania, usunięcia oraz zgłoszenia sprzeciwu na marketing produktów i usług Administratora, jak również skorzystać z innych praw opisanych szczegółowo w polityce prywatności. Odbiorcami Twoich danych czyli podmiotami, którym będziemy mogli przekazać Twoje dane zgodnie z obowiązującym prawem będą podmioty pomagające Nam w działaniach związanych z opisanym wyżej marketingiem bezpośrednim produktów i usług własnych oraz inne podmioty uprawnione do uzyskania danych na podstawie obowiązującego prawa.