Pass the CISM® exam on the first attempt

With a growing demand for people with Information Security (IS) Management skills, CISM has become a leading international IS certification designed for those who manage, design, oversee or assess an organisation’s information security. Achieving CISM status will provide you with wider recognition in the marketplace, as well as increased influence at the executive level. Launched in 2002, CISM is internationally recognised and held by over 45,000 IT professionals worldwide.

The CISM Exam Preparation course is an on-demand four-day instructor-led classroom session that provides a comprehensive revision programme for the key job practice knowledge domains and exam preparation exercises designed to ensure that delegates pass the exam on the first attempt. The course provides intensive revision for the challenging CISM exam, moving you closer to achieving the known benefits of CISM certification such as higher earning potential and career advancement.

“The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.” (ISACA)

  • Length: 4 days
  • Level: Advanced
CISM Exam Prep agenda

CISM core curriculum

This course provides the core CISM competencies required by professionals planning to sit the CISM exam and prepares you for the exam systematically and comprehensively. The program mirrors the examination structure and covers the four CISM job practice domains:

  • Domain 1: Information Security Governance (17%)
  • Domain 2: Information Security Risk Management (20%)
  • Domain 3: Information Security Program (33%)
  • Domain 4: Incident Management (30%)

The percentages indicate the emphasis of questions on the exam paper. During the course, you will cover the following aspects for each Domain:

  • Definition
  • Objectives
  • Task and knowledge statements
  • Practice exam questions

The study program includes:

  • An initial CISM knowledge assessment
  • Classroom presentations of key topics
  • Individual/team exercises and discussion sessions
  • Final exam preparation with example practice questions

Who should attend?

  • CSOs, CISOs and CIOs
  • Security professionals with front-line experience
  • Security auditors
  • Information security staff
  • Compliance personnel
  • Information security managers
  • Information security assurance providers
  • Risk managers

The CISM exam

To earn a CISM certification, candidates must pass the CISM test with a score of at least 450 (out of a possible 800) and have at least five years of professional experience in information security and IT security management, assurance, or control. This experience must have been gained within the ten years preceding the application date for certification.

The CISM examination is in multiple-choice format and consists of a long, 4-hour session (240 minutes) with 150 questions. The examination tests the candidate’s knowledge of Information System Security, Information Security, Information Security Management principles and practices, as well as technical content areas.

ISACA uses and reports scores on a common scale from 200 to 800.
  • A candidate must receive a score of 450 or higher to pass.
  • A score of 800 represents a perfect score with all questions answered correctly.
  • A score of 200 represents the lowest score possible and signifies only a small number of questions were answered correctly.


The exam is not taken during this training course. The exam session needs to be booked directly on the ISACA website. My personal training experience shows that delegates have the highest chance of success if they sit the exam approximately two to four weeks after completing the training course.


    ISACA certifications recognized by the U.S. Department of Defense; DoD Directive 8140 (8570)

    CISA® credentials were recognized in DoD Directive 8140 (8570) for:

    • Information Assurance Technical (IAT) Level III
    • Cyber Security Service Provider (CSSP) Auditor

    CISM® credentials were recognized in DoD Directive 8140 (8570) for:

    • Information Assurance Management (IAM) Level II & III
    • Cyber Security Service Provider (CSSP) Manager

    Department of Defense (DoD) – United States Department of Defense – a federal agency of the United States responsible for coordinating and overseeing government agencies and functions related to national security and the armed forces. The Department of Defense coordinates the work of three branches:

    • Department of the Army (U.S. Army), responsible for land forces
    • Department of the Navy (U.S. Navy), responsible for naval forces
    • Department of the Air Force (U.S. Air Force), responsible for air forces

    Additional materials


    Exam Simulator

    After 20 years in IT, and more than 10 years since I passed the CISM® exam, I’ve decided to give something back to the community. I hope you will find this free exam simulator valuable when studying for the CISM® exam.

    Review Manual

    A copy of the current CISM® Review Manual is essential (in theory) for any exam candidate. Unless you already have your copy, you can purchase the CISM® Review Manual on the official ISACA CISM website.
    ISACA store


    The “Questions, Answers & Explanations (QAE) Manual” was publicly available a few years ago (definitely, when I was taking the CISM® exam). Its purpose was to guide and assist question writers, making them more skilled in writing exam questions.

    The ISACA Glossary

    People taking the ISACA exam are generally quite experienced, so it may sound like a joke or an easy way to “fill the gaps” on the website, so UX design is better 🙂

    However, believe me, after passing more than 200 exams, I can say that each organization/certification body has its “flavours” and sometimes slightly different definitions of common topics. So it’s valuable to at least take a glimpse at a glossary once.

    ISACA Glossary

    Mind map

    For self-learning

    Mind Map


    An experienced DSDM / Agile PM trainer and evangelist having good analytical and technical skills. Agalyst by nature with solid and broad knowledge in (...)

    Sebastian Wencel ★ AgilePM

    I took part in the first Playing Lean workshop in Poland, led by Mirek, as well as in Management 3.0. Mirek explains clearly, infects others with his passion, (...)

    Mirek is an example of a very well-prepared trainer. He was a teacher of the Oracle OO226 course at Warsaw's Oracle University.
    He was very well prepared (...)

    Paweł Janusz ★ PRINCE2, OCM JavaEE 5 Enterprise Architect

    I attended a training course on the AGILEPM methodology led by Mirek, and I can wholeheartedly recommend him as a trainer.

    Mirek (...)

    I had the pleasure of meeting Mirosław at the CareerCon IT Conference and Job Fair in Lodz, Poland, where he gave an enlightening presentation on Agile (...)

    Mirek trained me for the AgilePM exam. Let me put it this way: the knowledge proved useful not only in the exam, but also in my work as an IT Project Manager.

    Marta Markiewicz ★ PMP, AgilePM

    I am yet another person who has had the pleasure of seeing and listening to Mirosław. He definitely caught my interest with his lecture and inspired me to (...)

    I had the pleasure of attending the JavaSE course, which was conducted by Mirosław. Mirosław is an excellent trainer with deep knowledge of Java, design (...)

    Piotr Szwed ★ OCA JavaSE 7

    I had the pleasure of attending the M_o_R training led by Mirek. I have never before come across such a proactive and committed instructor. (...)

    Grzegorz Mazur ★ PRINCE2 Practitioner, MSP, M_o_R

    This course is part of our ISACA Examination Preparation Programme, which is designed to provide intensive and complete preparation to help delegates pass the CISA, CISM, CGEIT or CRISC exams.
