A Quick Glance

  • black-arrow

    Comprehensive guidance with CISM Exam Application Process

  • black-arrow

    Understand how to design and manage enterprise information security

  • black-arrow

    Prove knowledge of information security best practices to employers

  • black-arrow

    Taught by experienced and charismatic trainers

CISM certification is a program made for information security executives, information security experts and persons who are planning a career in information security management.

Our CISM training thoroughly prepares delegates for CISM certification, which combines the achievement of passing an internationally-respected exam with recognition of the knowledge, skills and experience required to work effectively within Information Security Management. 

This training course looks at the four main domains of information security management as covered by the CISM exam, with an eye to passing first time and achieving this highly-respected certification.

Who should take this course

  • Information Security Managers
  • Aspiring Information Security Managers 
  • IS/IT Consultants


There are no prerequisites to attend the course or take the CISM exam. However, full CISM certification has an experience requirement of a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of job practice areas covered by the exam.


What Will You Learn

  • Demonstrate understanding of the relationship between information security and business strategy
  • Prove your knowledge and experience of information security management
  • Join a network of global information security experts 

What's included

  Course Overview

The ISACA Certified Information Security Manager (CISM) exam is intended to certify the competency of security professionals to manage, design, oversees and assess an enterprise’s information security.

Our 4-day CISM course provides a thorough look at the requirements of the CISM exam, covering in-depth the four information security management domains which the exam measures capability in. These are:

  • Information Security Governance
  • Information Risk Management and Compliance
  • Information Security Program Development and Management
  • Information Security Incident Management


CISM Exam:

  • Exam Type: Multiple-choice
  • Duration: 4 hours
  • Closed Book Exam

  Course Content

Introduction to Certified Information Security Manager (CISM)

  • Objectives and Expectations
  • What is Information Security?
  • The Goals of Information Security
  • Principles for Information Security Professionals


Domain 1 – Information Security Governance

  • Outline
  • Knowledge Statements
  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT


Domain 2 – Information Risk Management and Compliance

  • Information Risk Management
  • Task and Knowledge Statements
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation


Domain 3 – Information Security Program Development and Management

  • Task and Knowledge Statements
  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges


Domain 4 – Information Security Incident Management

  • Task and Knowledge Statements
  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organization
  • Ethics and the Internet IAB
  • Certification requirements
  • CISM in the Workplace
  • The CISM Priorities
  • Understand How Questions Are Structured
  • Preparing for the Examination
  • Recommended Reading for the CISM Exam
  • Exam Favourites

CISM Certified Information Security Manager Schedules

Course Name Duration Dates Price
CISM Certified Information Security Manager 4 Days Cardiff
CISM Certified Information Security Manager 4 Days Virtual
CISM Certified Information Security Manager 4 Days Manchester
CISM Certified Information Security Manager 4 Days Virtual
CISM Certified Information Security Manager 4 Days London