Should I get CISM Certified?

The Certified Information Systems Manager (CISM) qualification is provided by ISACA, and is roughly on a par with its CISA IT audit qualification.

It is a certification for IT security managers, and like CISA tries to strike a balance between technical IT knowledge and business understanding, with a focus on information risk management, information security governance, incident management, and developing and managing an information security program.

It requires a four-hour multiple choice exam and five years of relevant experience in an information security management role, although part of this can be waived for other relevant experience. Holders can use the post-nominal letters ‘CISM’, and their status can be verified on ISACA’s web site.

How can I obtain a CISM qualification?

There are two things you need to do to qualify: pass a multiple choice exam, and demonstrate relevant experience. As with other ISACA qualifications, you can get a year or two off the experience requirement from relevant degrees and qualifications. You will also need to:

  • Adhere to the Code of Professional Ethics: Agree to adhere to the ISACA Code of Professional Ethics, which sets the standards for professional behaviour and competence.

  • Submit the CISM Application: After passing the exam, submit your CISM application, verifying your work experience and adherence to the Code of Professional Ethics.

  • Adhere to Continuing Professional Education (CPE) Requirements: Maintain your CISM certification by earning and reporting CPE hours annually, ensuring you stay updated on the latest developments in information security.

What does it cover?

The syllabus is split into four domains. You need to do well in all areas to pass the exam, but just like CISA, some areas are more important than others:

  • Information Security Governance (17%)

    This domain will provide you with a thorough insight into the culture, regulations and structure involved in enterprise governance, as well as enabling you to analyse, plan and develop information security strategies.

    Any wider information sec

    […]

    This article has been indexed from Security Boulevard
