CISM Certification Overview

 

This overview will give you the groundwork to begin your journey into the elite ranks of Certified Information Security Managers. Whether you have an IT security management background or a strong background in auditing management, the CISM certification is perfect for you.

 

The best place for information is at the source, so check out ISACA at www.isaca.org/cisa. As the sponsor of this certification, ISACA provides some great insights into the CISA certification.

 

Requirements to become CISM certified:


Take a look at the requirements to become CISM certified.
1. Pass the CISM Exam, which is only offered twice a year.
2. Submit an application and prove you have five years of IS auditing, control or security work experience, or valid substitutes (explained later), with a minimum of 3 years of security management experience.
3. Agree to the Code of Professional Ethics.
4. Pay a yearly fee and complete a minimum of 20 hours of CPE (Continuing Education Program) and 120 CPEs every three years.

 

If you have IT certifications like higher-level Microsoft, Cisco, or CISSP certifications, you will already have 50% of the knowledge needed. Conversely, if you have security management experience, you will have the other 50% of the knowledge needed. However, you will need some additional tools to pass. I recommend checking out Pass IT Exams questions and the CISM Prep Guide; just check CISABooks.com for the best prices.
 

I would also recommend, if you do not have a lot of experience, an instructor-led class like the one CISMTraining.com offers. Unfortunately, in my area, Washington DC, there are only 3 or 4 options for an instructor-led class, so you may need to travel to take it. If the company will pay for it or reimburse your expense for the class, then definitely take the class. If nothing else, it forces you to take the time to study for the exam. Classes can cost around $3,500 and the exam was $350 last I checked.

 

 

Registering for CISM Exam:

 

Register for the CISM Exam and pass the exam. Please note that the CISM exam is only offered twice a year and you must register almost 2.5 months ahead of the test date. Registration can be done through the ISACA.org web site. The exam is 4 hours and has 200 multiple choice questions. You must score at least a 450 on a scale of 200-800. Unfortunately, you will not know your score until 2 months later.

 

Passed the Exam, now what:

Once you have passed the exam, you will need to fill out an application that includes a detailed list of your experience to meet the requirement of 5 years of information security experience with 3 years of information security management experience. The experience must be in the preceding 10 years, or the work experience must be gained within five years from the date of originally passing the exam.

However, you can substitute years for the following areas:
1. CISA in good standing fills in for 2 years of experience.
2. CISSP in good standing fills in for 2 years of experience.
3. Post Graduate degree in an Information Security field fills in for 2 years of experience.
4. 1 year of Information Security Management experience fills in for 1 year of experience.
5. The following certifications: MCSE, GIAC, Security+, CBCP, and ESL IT Security Manager fill in for 1 year of experience.

 

I am now CISM Certified, now what?

 

You passed the test, applied for membership and have now been accepted. What is left to do? Just maintain your professional standing by paying the yearly fee and completing a minimum of 20 hours of CPE (Continuing Education Program) and 120 CPEs every three years. Finally, just ask your boss for the raise you have been looking for. Good luck and enjoy it.

 

 

Advice and Things to Watch Out for:

Add sites to your favorites folder if you find them useful, for example CISABooks.com (just a hint).
Remember that ISACA has and will change the requirements, so make sure to review them before signing up for the exam.

 
