
CISM Course Features/USP/Highlights

Certified and Experienced Instructors

Session recording access

Study materials and exam prep questions

CISM Practice Questions


Target Audience of CISM Certification 


  • IT Managers
  • Cybersecurity Analysts/Consultants


Prerequisites of CISM Certification Training


CISM Exam and Certification information 


The Certified Information Security Manager (CISM) exam consists of 150 questions covering 4 job practice domains, all testing your knowledge and ability on real-life job practices leveraged by expert professionals. 


  • Duration – 4 hours 
  • Questions – 150 MCQ type 
  • Passing score – 450 or above (The exam scores on a scale between 200 and 800) 
  • Exam Location – The exam is taken through PSI, either at a testing center or online with remote proctoring.


CISM Certification Journey 



Course Outline

Domain 1: Information Security Governance


  • Organizational Culture 
  • Legal, Regulatory and Contractual Requirements 
  • Organizational Structures, Roles and Responsibilities 


  • Information Security Strategy Development 
  • Information Governance Frameworks and Standards 
  • Strategic Planning (e.g., Budgets, Resources, Business Case)

Domain 2: Information Security Risk Management


  • Emerging Risk and Threat Landscape 
  • Vulnerability and Control Deficiency Analysis 
  • Risk Assessment and Analysis 


  • Risk Treatment / Risk Response Options 
  • Risk and Control Ownership 
  • Risk Monitoring and Reporting

Domain 3: Information Security Program


  • Information Security Program Resources (e.g., People, Tools, Technologies) 
  • Information Asset Identification and Classification 
  • Industry Standards and Frameworks for Information Security 
  • Information Security Policies, Procedures and Guidelines 
  • Information Security Program Metrics 


  • Information Security Control Design and Selection 
  • Information Security Control Implementation and Integrations 
  • Information Security Control Testing and Evaluation 
  • Information Security Awareness and Training 
  • Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties) 
  • Information Security Program Communications and Reporting

Domain 4: Incident Management


  • Incident Response Plan 
  • Business Impact Analysis (BIA) 
  • Business Continuity Plan (BCP) 
  • Disaster Recovery Plan (DRP) 
  • Incident Classification/Categorization 
  • Incident Management Training, Testing and Evaluation 


  • Incident Management Tools and Techniques 
  • Incident Investigation and Evaluation 
  • Incident Containment Methods 
  • Incident Response Communications (e.g., Reporting, Notification, Escalation) 
  • Incident Eradication and Recovery 
  • Post-Incident Review Practices 

Frequently Asked Questions.

CISM Certification Typically

CISM certification FAQs typically address exam content, eligibility, and career impacts. Candidates inquire about the four domains: information risk management, governance, program development, and incident management. Common questions include the exam format, scoring, and study materials. Eligibility requires five years of work experience in information security management, with possible waivers for some educational achievements. The certification is valuable for advancing careers in IT security management and consulting. Additional FAQs cover registration fees, maintaining certification through continuing professional education (CPE), and the benefits of ISACA membership for resources and networking opportunities.

You offer an exam pass guarantee. How does it work?

Yes, we offer an exam pass guarantee for our CISM Certification training program. Here's how it works:

  • Attend all training sessions and complete all assigned coursework.
  • Take the CISM exam within 30 days of completing the training.
  • If you do not pass the exam on your first attempt, provide us with your exam score report.
  • We will evaluate your performance and provide personalized support and resources to help you prepare for a second attempt.
  • If you do not pass the exam on your second attempt, we will refund your course fee or provide additional training at no extra cost, depending on the terms of our guarantee.

What is the structure of the CISM certification exam?

The CISM (Certified Information Security Manager) exam consists of 150 multiple-choice questions. These questions are divided into four domains:

  • Information Security Governance (24%)
  • Information Risk Management (30%)
  • Information Security Program Development and Management (27%)
  • Information Security Incident Management (19%)

Candidates have four hours to complete the exam.

What certification will I receive after completing the training?

  • Upon successfully completing the CISM (Certified Information Security Manager) training and passing the CISM exam, you will receive the CISM certification.
  • The CISM certification is globally recognized and demonstrates your expertise in information security management, governance, and risk assessment.
  • It signifies your ability to design, implement, and manage effective information security programs that align with organizational goals and objectives.
  • The CISM certification enhances your credibility and career prospects in roles such as Information Security Manager, Security Consultant, Chief Information Security Officer (CISO), and other senior-level positions in the field of information security.

What is the date of the next CISM exam?

The specific dates for the CISM (Certified Information Security Manager) exam vary each year, as it is typically offered multiple times throughout the year by ISACA (Information Systems Audit and Control Association). ISACA generally schedules exams in June, September, and December, with specific dates subject to change. To determine the exact date of the next CISM exam, it's recommended to visit the ISACA website or contact your local ISACA chapter for the most up-to-date information on exam dates, registration deadlines, and any other relevant details regarding the exam administration process.

Can I defer my exam?

Yes, ISACA (Information Systems Audit and Control Association) allows candidates to defer their CISM (Certified Information Security Manager) exam registration to a future exam date.

  • However, there may be specific guidelines and deadlines for deferring an exam, and it typically incurs an administrative fee.
  • Candidates should review the ISACA exam deferral policy and procedures provided on the ISACA website or contact ISACA directly for assistance with deferring their exam registration.
  • It's essential to plan and communicate any changes to exam registration well in advance to avoid potential issues or penalties.

Do you provide assistance for the exam application process?

Yes, we offer assistance for the CISM (Certified Information Security Manager) exam application process.

  • Our support team can guide you through the exam application process, including registration on the ISACA (Information Systems Audit and Control Association) website, payment of exam fees, and scheduling your exam.
  • We provide resources and instructions to help you navigate the application process smoothly and efficiently.
  • Additionally, our team is available to address any questions or concerns you may have regarding exam eligibility, requirements, or documentation.
  • Contact us for personalized assistance with your CISM exam application.
