Certified Information Security Manager (CISM)

Select your learning method

Overview Learning objectives What you'll learn Key facts FAQs What our customers say Get in touch

Learn essential skills

Course overview

Ready to step into a leadership role in information security? Our Certified Information Security Manager (CISM) training helps you master risk management, incident response, and security governance. Globally recognised, it’s perfect for advancing your career and protecting what matters most to your organisation.

Implement essential security systems to ensure robust protection against evolving threats with CISM

A globally recognised qualification for enterprise security professionals, this course teaches you advanced knowledge of information security management. It equips you with the expertise to manage, design, and oversee information security systems in line with organisational goals and continually evolving threats that affect businesses in today’s digital and data-driven world.

Learning objectives

By the end of course, you will be able to:

Manage and review information security activities and infrastructure
Plan and perform information security requirements effectively
Apply life-cycle risk management practices and principles
Manage risks during events affecting security baselines
Analyse techniques to mitigate risks to acceptable levels

What you'll learn

Gain in-depth training on managing enterprise security frameworks that helps you create governance policies that support business goals, assess and mitigate risks to protect sensitive data, and build effective security programs. The course also covers incident management techniques, enabling quick responses and minimal disruption to operations. Ensuring you’re prepared to manage complex security challenges.

Information security management activities

In the ISACA CISM course, information security management activities encompass essential tasks that safeguard organisational data and systems. You’ll learn to plan, implement, and monitor security measures, establish policies aligned with business goals, assess and manage risks, and ensure compliance. These activities help maintain a resilient security posture, protecting sensitive information in today’s dynamic threat landscape.

Life-cycle-based risk management practices and principles

Learn about the risk management practices and principles that focus on identifying, assessing, and managing security risks throughout the entire life span of an information system. These practices are essential in today’s complex business environment, where evolving threats require continuous oversight. By applying risk management at each stage, from planning and development to implementation and maintenance, you can proactively address vulnerabilities, adapt to regulatory requirements, and ensure resilient security strategies that support long-term business goals.

Risk management guidance

The ISACA CISM guidance outlines several risk management steps for handling events that could impact your organisation. These include identifying and assessing potential threats, evaluating vulnerabilities and their business impact, and developing response strategies. In addition, CISM emphasises continuous monitoring and regular reviews of existing information security controls, to ensure they are still effective at mitigating internal and external factors.

What's included

Three months online access to 40 hours of CISM eLearning
ISACA kit and exam included
Official review manual from ISACA
Official CISM review questions & explanations database

Key facts

Certification

Certified Information Security Manager (CISM)

Who it’s for

CISM is specifically for experienced security managers and those in information security (IS) roles including IS Managers, IT Managers, IT Directors, CISOs, Chief Compliance Officers, Chief Risk Officers, Chief Privacy Officers.

Prerequisites

There are no prerequisites to do this course or to take the exam. However, there are prerequisites to earning the CISM certification. See FAQs for more details.

Exam information

240 minutes (four hours), 150 multiple choice questions. See FAQs for more details about the exam booking process and pass mark.

Optional extras

There are no optional extras to accompany this course.

Pre-course

There is no pre-course work for this training course.

FAQs

Delivered in partnership with Simplilearn, the CISM course prepares professionals to design and manage enterprise security systems, covering governance, risk management, and compliance standards.

What criteria do I have to meet to become fully CISM certified?

To become fully certified, you must pass the CISM exam; complete five years of work experience in the described CISM job practice areas, within the 10-year period after completing your application form; gain 120 Continuing Professional Education (CPE) hours during a three-year reporting period, earning a minimum of 20 CPE hours per year; and adhere to ISACA’s Code of Professional Ethics. If you’ve taken the exam before meeting the other criterion, you have five years from the pass date to apply for the certification. For full details visit the ISACA site.

When is the ISACA CISM exam conducted?

CISM exam appointments are only available 90 days in advance, for more information and guidance on how to book your exam, visit the ISACA website. You can download the Exam Candidate Guide from the ISACA website.

What is the pass mark for the ISACA CISM exam?

ISACA examining board uses a 200–800-point scale for calculating the marks. A minimum score of 450 or higher is mandatory to obtain the certification.

What are the benefits of completing the CISM course and passing the exam?

The CISM course provides in-depth knowledge of information security management, equipping you with essential skills to manage security programmes, mitigate risks, and ensure compliance. In today’s digital landscape where cyber threats are ever increasing, these skills empower you to protect organisational data effectively and strengthen overall business resilience. CISM is a globally recognised certification that’ll help you progress your career in this critical field. By passing the exam, you meet one of the criteria for achieving the certification.

What our customers say

"Absolutely fantastic and outstanding! So kind, super helpful and forthcoming. A very pleasant experience. THANK YOU!"

Helliana Berner – ILX learner

"Excellent courses, services and support."

Antonio Liccardo – ILX learner