The CISM Exam: What to expect?

GRC Lab
15 Mar 2025, 17:46

Summary

TL;DR: In this video, we explore the Certified Information Security Manager (CISM) certification, a top-tier credential for leaders in information security. The CISM focuses on management and leadership skills, setting it apart from more technical certifications such as CISSP. The video covers the certification's benefits, the exam format, and the requirements to earn and maintain it: passing the exam, demonstrating professional experience, adhering to ISACA's Code of Professional Ethics, and completing ongoing professional development. The CISM is a valuable asset for advancing a career in information security management, opening the door to leadership roles and competitive salaries.

Takeaways

  • 😀 CISM (Certified Information Security Manager) is a top-tier certification focusing on leadership and management in information security, rather than technical aspects.
  • 😀 Unlike more technical certifications such as CISSP, CISM emphasizes governance, risk management, security program management, and security incident management.
  • 😀 The CISM certification is globally recognized and valued, with over 65,000 professionals holding the credential worldwide.
  • 😀 In 2020, CISM won the SC Award for Best Professional Certification Program, highlighting its prestige and value in the industry.
  • 😀 The CISM exam consists of 150 multiple-choice questions, covering four key domains: Information Security Governance, Risk Management, Program Development & Management, and Incident Management.
  • 😀 To become certified, candidates need at least 5 years of experience in Information Security Management, with some flexibility to substitute relevant experience.
  • 😀 CISM certification holders are required to adhere to ISACA's Code of Professional Ethics, ensuring integrity and high standards in their professional conduct.
  • 😀 Continuous Professional Education (CPE) is mandatory to maintain the CISM certification, requiring 20 CPE hours annually and 120 hours over three years.
  • 😀 The CISM exam can be taken remotely or at designated testing centers, with remote testing offering more flexibility but requiring a quiet, distraction-free environment.
  • 😀 After passing the exam, CISM professionals have up to 5 years to fulfill all certification requirements, offering flexibility in case of life changes or job rotations.

Q & A

  • What is the main focus of the CISM certification?

    -The CISM certification focuses on developing leadership and management skills in information security, rather than just technical knowledge. It helps professionals manage and assess risks, govern security practices, and align security strategies with broader business goals.

  • How long has the CISM certification been around, and what is its global recognition?

    -The CISM certification has been around for more than 20 years (ISACA introduced it in 2002) and is globally recognized. It is highly regarded in the information security field and was awarded the SC Award for Best Professional Certification Program in 2020.

  • What is the average salary for CISM-certified professionals in the United States?

    -CISM-certified professionals in the United States earn an average salary of around $150,000 annually, making it one of the highest-paying certifications in the information security industry.

  • What are the four key domains covered in the CISM exam?

    -The four key domains covered in the CISM exam are: Information Security Governance, Information Security Risk Management, Information Security Program Development and Management, and Information Security Incident Management.

  • What is the required passing score for the CISM exam?

    -The required passing score for the CISM exam is at least 450 on a scale from 200 to 800.

  • What are the experience requirements for becoming a CISM-certified professional?

    -To become CISM-certified, you need at least 5 years of professional experience in Information Security Management, with experience in at least three of the four job practice domains. However, substitutions and waivers for up to 2 years of experience are allowed through other certifications or post-graduate degrees.

  • Can you take the CISM exam remotely?

    -Yes, the CISM exam is available through remote proctoring, allowing candidates to take the exam from home in a quiet, distraction-free environment. Alternatively, candidates can take the exam in person at a designated testing center.

  • What is required to maintain CISM certification after passing the exam?

    -To maintain CISM certification, you must earn at least 20 CPE credits annually and 120 CPE credits over a 3-year certification cycle. You also need to adhere to the ISACA Code of Professional Ethics and report these activities to remain in good standing.

  • What are some activities that qualify for Continuing Professional Education (CPE) credits?

    -Activities that qualify for CPE credits include attending conferences, seminars, and training courses, giving presentations, publishing articles, or even volunteering for professional organizations.

  • How much time do you have to take the CISM exam after registration?

    -After registration, you have up to a year to take the CISM exam, giving you ample time to prepare and schedule according to your availability.


Related tags
CISM, Information Security, Certification, ISACA, Leadership, Exam Guide, Risk Management, Security Governance, Professional Development, Cybersecurity, Management Skills