ISACA's Certified Information Security Manager (CISM) certification indicates an individual's expertise within the fields of information security governance, program development and management, incident management and risk management. Take your career out of the technical realm to management!
Every year, ISACA publishes an updated version of its candidate guide. It provides lots of practical information for the CISM exam. The latest version is freely available from the ISACA website. It should be used to review important topics such as exam registration, deadlines and key details for exam-day administration. It also contains valuable information such as the exam domains, the number of exam questions, exam length and languages. No candidate should take the CISM exam without reading this guide.
The CISM Review Manual 15th Edition is designed to help you prepare for the CISM exam. This comprehensive, easy-to-navigate manual is organized into chapters that correspond to the four job practice areas covered in the CISM exam. The CISM Review Questions, Answers & Explanations Manual 9th Edition consists of 1,000 multiple-choice study questions, answers and explanations, which are organized according to the CISM job practice domains.
The CISM exam contains 150 questions and covers four information security management areas, each of which is further defined and detailed through Task & Knowledge statements.
Get the best of both worlds: personal interaction with expert instructors and the convenience of an online classroom. Expand your understanding of everything from audit and assurance to information security, cybersecurity, and managing reporting on risk. Our expert training will guide you through the critical concepts needed to master the CISM exam.
CISM is designed primarily for professionals with work exposure in information security. In simple terms, CISM takes a 30,000-foot view, concentrating deeply on the strategic dimension of information security governance, program development and management in order to control the probable impact on organizational success. It can help you qualify for a new position, a raise, or employment at a new organization or within your own company, among other benefits. Compared to other exams in the niche, it isn't considered particularly tough to crack. In terms of exam content and syllabus, the exam consists of only 150 questions, which most aspirants and successful professionals would agree is on the lighter side. It covers basic knowledge across a wide range of topics rather than specific knowledge in a particular topic. Depending on your learning style and previous experience, it could be either easy or tough. Interestingly, since this certification requires 5 years of experience, it is not intended to be an easier exam for someone who is just starting their career.
So, when talking about job profiles for those who are starting out, it is always easier for those who have a couple of years' experience than for people who have no relevant experience in the field. It is a known fact that people who take CISM have already been working in the industry for 5 years, and their perception or experience of the exam will vary. So the difficulty of the CISM exam is a completely subjective matter. It is known, however, that the difficulty level has been increased over the years with the evolving times and standards in the industry, and hence opinions can vary significantly.
It has been observed that individuals with a technical background constantly encounter complications in understanding the concepts of governance and auditing, as they concentrate more on the technical aspects. This is a strong reason for underperforming, as an individual must also take a holistic approach and think from a manager’s or an auditor’s perspective.
On the other hand, it is difficult for an individual with an auditing and accounting background to understand the technical topics. Such candidates need to work on the core concepts and objectives of the technology being developed.
Meanwhile, the most experienced professionals try to apply their own techniques, which turn out to be unreliable. It is recommended that you rely solely on ISACA’s techniques, as these are globally accepted, practical and standardized.