CISM Certification Training | Certified Information Security Manager Course

Select Language

Select Country

ENQUIRE NOW

cism certification

Certified and experienced Subject Matter Experts with experience of conducting over 500 Information Security and CISA/CISM Bootcamps

ISACA-approved and quality assured CISM training material and Exclusive access to Vinsys Learning Labs

Success Ratio close to 97.6% of clearing the exam in the 1st attempt

Flexible training schedules, tailor-made programs, classroom-training in a tech-enabled learning environment, excellent quality study material, practice tests, quality courseware, and more.

Overview Who Should Attend Prerequisite Outline

CISM Certification | Become a Strategic Enterprise Security Leader

The CISM Certification Training Program at Vinsys ensures that you grasp the core theory and principles of Information Security Strategy development and management along with Information Security Governance, and clear the CISM exam in your first attempt. This CISM Certification builds a great base for your future as an Information Security Manager.

ISACAs CISM Certification is largely acknowledged worldwide which can really make your profile visible to organizations all around the world. The CISM Certification is one of the most in-demand accreditations around the globe that not just showcases your proficiency in the area, but also makes you more confident and adept as a team leader.

So, demonstrate your expertise as an Information Security Management professional and be prepared for global opportunities coming your way. Get your tailor-made CISM Certification Training in your city today!

After the completion of the CISM Training Program at Vinsys, the participants would be able to:

Understand, define and design a Security architecture for your organizations IT operations
Develop a working knowledge of the four domains prescribed by

Audience

The CISM Certification course is designed for those with five years of experience in Information Security. It is necessary that candidates should have minimum of three years of actual work experience in the field and in addition, three or more years of experience in Information Security practice analysis areas. Professionals with the following designations who meet ISACA’s criteria may apply for a CISM Certification Training and CISM Exam.

Professionals, Security Consultants/ Managers involved in Information Security Management
IT Directors and IT Managers
Security Auditors and Architects
Security Systems Engineers
Security Analysts
Security Engineers and Specialists
Chief Information Security Officers (CISOs)
Information Security Managers
IS/ IT consultants
Chief Compliance/ Privacy/ Risk Officers

Eligibility Criteria

ISACA has set rules and regulations for experienced security professionals who wish to apply for CISM Certification Training and Exam.

To successfully qualify the CISM Certification, professionals are required to consider and abide by these important four ‘E’ aspects:

Education - The policy of continuing professional education (Please refer to the CPE Policy listed below as per ISACA.)
Experience – Verified experience of a minimum of five years in Information Security with a minimum of three years in Information Security Management, and all of this in at least three of the total four job practice areas.
Ethics - Acknowledgement of ISACA’s Code of Professional Ethics
Exam - CISM Examination

CPE Policy as per ISACA:

The CISM CPE policy requires the attainment of CPE hours over an annual and three-year certification period. CISMs must comply with the following requirements to retain certification:

Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM’s knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
Submit annual CPE maintenance fees to ISACA International Headquarters in full.
Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
Submit required documentation of CPE activities if selected for the annual audit.
Comply with ISACA’s Code of Professional Ethics.

Code of Professional Ethics as per ISACA:

ISACA sets forth this Code of Professional Ethics to guide the professional and personal conduct of members of the association and/or its certification holders.

Members and ISACA certification holders shall:

Support the implementation of, and encourage compliance with, appropriate standards and procedures for the effective governance and management of enterprise information systems and technology, including audit, control, security and risk management.
Perform their duties with objectivity, due diligence and professional care, in accordance with professional standards.
Serve in the interest of stakeholders in a lawful manner, while maintaining high standards of conduct and character, and not discrediting their profession or the Association.
Maintain the privacy and confidentiality of information obtained in the course of their activities unless disclosure is required by legal authority. Such information shall not be used for personal benefit or released to inappropriate parties.
Maintain competency in their respective fields and agree to undertake only those activities they can reasonably expect to complete with the necessary skills, knowledge and competence.
Inform appropriate parties of the results of work performed including the disclosure of all significant facts known to them that, if not disclosed, may distort the reporting of the results.
Support the professional education of stakeholders in enhancing their understanding of the governance and management of enterprise information systems and technology, including audit, control, security and risk management.

(Failure to comply with this Code of Professional Ethics and CPE Policy can result in an investigation into a member's or certification holder's conduct and, ultimately, in disciplinary measures.)

Resources: https://www.isaca.org/Certification/CISM-Certified-Information-Security-Manager/Maintain-Your-CISM/Pages/default.aspx

Course Outline

Domain 1: Information Security Governance

1.1 Introduction
1.2 Priorities for the CISM
1.3 Priorities for the CISM Review Questions
1.4 Corporate Governance
1.5 Evaluating the Security Environment
1.6 Information Security Program
1.7 Security Strategy
1.8 Roles and Responsibilities
1.9 Reporting and Compliance
1.10 Code of Ethics

Domain 2: Information Risk Management

2.1 Risk Management
2.2 Risk Identification
2.3 Information Security Program Basics
2.4 Administrative Controls
2.5 Asset Threats and Vulnerabilities
2.6 Risk Register
2.7 Information Security Architecture
2.8 Risk Scenarios
2.9 Risk Assessment
2.10 Risk Analysis Techniques
2.11 BCP and DRP
2.12 Risk Mitigation Reduction and Avoidance
2.13 Risk Mitigation Transference and Acceptance
2.14 Selecting a Mitigation Strategy
2.15 Types of Mitigating Controls
2.16 Risk and Control Monitoring and Reporting
2.17 KRIs
2.18 Tools for Risk Monitoring

Domain 3: Information Security Program Development and Management

3.1 Information Security Program and Development
3.2 Information Security Program Concepts
3.3 Information Security Program Requirements
3.4 Essential Elements of an Information Security Program
3.5 Security Frameworks
3.6 Purpose of Architecture
3.7 Information Security Frameworks
3.8 Security Operations Event Monitoring
3.9 Secure Engineering and Threat Modeling
3.10 Protecting the Network-Segmentation
3.11 Protecting the Network-Wireless Security
3.12 Protecting the Network-Services
3.13 Protecting the Network
3.14 Data and Endpoint Security
3.15 Identity and Access Management
3.16 Third-Party Governance
3.17 Policies Procedures Standards and Guidelines
3.18 Certification and Accreditation

Domain 4: Information Security Incident Management

4.1 BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan)
4.2 Incident Management Processes
4.3 Roles and Responsibilities
4.4 Making the case for incident response
4.5 Developing the Incident Response Plan-Capability Assessment
4.6 Incident Response Planning Processes
4.7 Incident Detection Devices
4.8 BCP introduction and steps
4.9 BIA
4.10 BCP Roles and Responsibilities
4.11 DRP basics
4.12 Revision

Choose Your Preferred Mode

ONLINE TRAINING

Instructor led Online Training
Experienced Subject Matter Experts
Approved and Quality Ensured training Material
24*7 leaner assistance and support

Enroll Now

CORPORATE TRAINING

Customized Training Across Various Domains
Instructor Led Skill Development Program
Ensure Maximum ROI for Corporates
24*7 Learner Assistance and Support

Enroll Now

FAQ’s

What does the CISM Certification stand for?

CISM Certification is an acronym for Certified Information Security Manager.

What is the CISM Certification?

The Certified Information Security Manager (CISM) is an industry-recognized certification. CISM is an asset that will distinguish your profile in the job market and enhance your credibility and effectiveness working in the IT Security domain. CISM is a key certification for information security professionals who manage, design, oversee and assess enterprise information security.

What is the duration of CISM Certification training?

Training duration is 3 days (23 Contact Hours).

Do you provide certificates on successfully completing the course?

Yes, at the end of the program, every participant receives a soft copy of the facilitation course completion certificate on your email which states that you have successfully completed the course.

Where and when are the sessions conducted?

All open house sessions are conducted only on weekends for the convenience of working professionals who wish to attend.

At Vinsys, we create our schedules as per your preferences of location and time. You can put in a request to arrange a training program in your organization and we will be there to provide you with the best corporate training experience of your life!

What are the fees for the CISM Certification Training Course at Vinsys?

At Vinsys, we offer the most cost-effective, professional IT training programs. If you are an individual or a working professional, please do check our updated course calendar for CISM Certification Training Program here.

For our Tailor-made (as per your team’s availability and convenience) and specially scheduled CISM programs, write to us on enquiry@vinsys.com or fill out the inquiry form.

What is included in the CISM Certification Training course fees?

Along with the training sessions, we provide the required course material, a set of practice questions for your exam preparation and access to our tech-enabled Learning Labs to create a dynamic learning experience for you.

What is the CISM Certification Cost?

Following is the CISM Certification cost as per ISACA which may be subject to change. Please get in touch with us for queries.

For Early registration:
ISACA Member: US $525
Non-member: US $710

For Final registration:
ISACA Member: US $575
Non-member: US $760

Who conducts the CISM Certification Training sessions?

Training sessions at Vinsys are conducted by certified experts who have practical working experience as well as training experience. Our facilitators hold 20+ years of experience in Information Security Management and are recognized globally for their expertise in the field of Information Security Management.

What areas are covered in the CISM Certification Training Program?

In this training program, you will gain a thorough understanding of CISM IT Security and Governance including the techniques, frameworks and tools. Grasping the CISM fundamentals will be the perfect foundation for you to work efficiently as an Information Security Manager.

Why choose Vinsys for CISM Certification Training?

Experiential and project-based learning
Guidance from experienced Industry Experts
ISACA approved training organization & examination centre
ISACA approved Quality course material
Post-training support
Professional career consultation, learning and exam guidance, access to learning labs, and more.

What is the format of the CISM Certification Exam?

It is a multiple-choice question exam paper and has 200 questions in it. The duration to solve the paper is 4 hours.

What are the passing marks for the CISM Certification Exam?

Clearing the exam requires you to secure the score of at least 450 marks out of 800, which means the candidates need to achieve at least 65% to pass the exam.

Is CISM Certification Exam a closed book test?

Yes, it is a closed book test.

How is the CISM Certification Exam carried out?

Vinsys follows a high integrity exam procedure wherein everything is supervised by ISACA accredited personnel.

Can I take a paper-based exam for CISM?

No, CISM is a computer-based exam.

What is CISM Exam Cost ?

CISM Exam Cost or CISM Fees details are below

Exam Name	Certified Information Security Manager (CISM)
CISM Exam Cost	For ISACA Members USD 575 and Non-Members USD 760
Exam Format	Multiple Choice
Total Questions	150 Questions
Passing Score	400 out of 800

How often can I re-take the CISM exam? OR Explain CISM exam retake policy?

With the launch of continuous testing exam administration in June 2019, ISACA has implemented the following CISM exam retake policy.

Individuals can take an exam four times in a rolling year (the initial attempt and three retakes - the 365 rolling calendar date is from the date of the first exam attempt).

Please note: Individuals retaking an exam are required to purchase a new exam registration for each exam attempt.

After taking and not passing the exam (attempt 1):

Retake 1 (attempt 2): Customers must wait 30 days from the date of the first attempt
Retake 2, (attempt 3): Customers must wait 90 days after the date of the second attempt
Retake 3 (attempt 4): Customers must wait 90 days after the date of the third attempt
You can learn more about Continuous Testing by downloading the Exam Candidate Guide.
https://www.isaca.org/credentialing/exam-candidate-guides