Certified Subject Matter Experts with experience of conducting over 500 Information Security and CISA/CISM bootcamps
ISACA-approved, quality-assured CISM training material and exclusive access to Vinsys Learning Labs
Success rate close to 97.6% for clearing the exam on the first attempt
Flexible training schedules, tailor-made programs, classroom-training in a tech-enabled learning environment, excellent quality study material, practice tests, quality courseware, and more.
The CISM Certification course is designed for those with five years of experience in Information Security. Candidates must have a minimum of three years of actual work experience in the field and, in addition, three or more years of experience in the Information Security practice analysis areas. Professionals with the following designations who meet ISACA’s criteria may apply for CISM Certification Training and the CISM Exam.
- Professionals, Security Consultants/ Managers involved in Information Security Management
- IT Directors and IT Managers
- Security Auditors and Architects
- Security Systems Engineers
- Security Analysts
- Security Engineers and Specialists
- Chief Information Security Officers (CISOs)
- Information Security Managers
- IS/IT Consultants
- Chief Compliance/Privacy/Risk Officers
ISACA has set rules and regulations for experienced security professionals who wish to apply for CISM Certification Training and Exam.
To qualify for the CISM Certification, professionals must satisfy these four important ‘E’ requirements:
- Education - Continuing professional education (refer to the ISACA CPE Policy listed below)
- Experience - Verified experience of a minimum of five years in Information Security, with a minimum of three years in Information Security Management, covering at least three of the four job practice areas
- Ethics - Acknowledgement of ISACA’s Code of Professional Ethics
- Exam - Passing the CISM Examination
CPE Policy as per ISACA:
The CISM CPE policy requires the attainment of CPE hours over an annual and three-year certification period. CISMs must comply with the following requirements to retain certification:
- Attain and report an annual minimum of twenty (20) CPE hours. These hours must be appropriate to the currency or advancement of the CISM’s knowledge or ability to perform CISM-related tasks. The use of these hours towards meeting the CPE requirements for multiple ISACA certifications is permissible when the professional activity is applicable to satisfying the job-related knowledge of each certification.
- Submit annual CPE maintenance fees to ISACA International Headquarters in full.
- Attain and report a minimum of one hundred and twenty (120) CPE hours for a three-year reporting period.
- Submit required documentation of CPE activities if selected for the annual audit.
- Comply with ISACA’s Code of Professional Ethics.
Code of Professional Ethics as per ISACA:
ISACA sets forth this Code of Professional Ethics to guide the professional and personal conduct of members of the association and/or its certification holders.
Members and ISACA certification holders shall:
- Support the implementation of, and encourage compliance with, appropriate standards and procedures for the effective governance and management of enterprise information systems and technology, including audit, control, security and risk management.
- Perform their duties with objectivity, due diligence and professional care, in accordance with professional standards.
- Serve in the interest of stakeholders in a lawful manner, while maintaining high standards of conduct and character, and not discrediting their profession or the Association.
- Maintain the privacy and confidentiality of information obtained in the course of their activities unless disclosure is required by legal authority. Such information shall not be used for personal benefit or released to inappropriate parties.
- Maintain competency in their respective fields and agree to undertake only those activities they can reasonably expect to complete with the necessary skills, knowledge and competence.
- Inform appropriate parties of the results of work performed including the disclosure of all significant facts known to them that, if not disclosed, may distort the reporting of the results.
- Support the professional education of stakeholders in enhancing their understanding of the governance and management of enterprise information systems and technology, including audit, control, security and risk management.
(Failure to comply with this Code of Professional Ethics and CPE Policy can result in an investigation into a member's or certification holder's conduct and, ultimately, in disciplinary measures.)
Virtual Instructor-Led Training
- Instructor-led online training
- Experienced Subject Matter Experts
- Approved and quality-assured training material
- 24x7 learner assistance and support
- 1.1 Introduction
- 1.2 Priorities for the CISM
- 1.3 Priorities for the CISM Review Questions
- 1.4 Corporate Governance
- 1.5 Evaluating the Security Environment
- 1.6 Information Security Program
- 1.7 Security Strategy
- 1.8 Roles and Responsibilities
- 1.9 Reporting and Compliance
- 1.10 Code of Ethics
- 2.1 Risk Management
- 2.2 Risk Identification
- 2.3 Information Security Program Basics
- 2.4 Administrative Controls
- 2.5 Asset Threats and Vulnerabilities
- 2.6 Risk Register
- 2.7 Information Security Architecture
- 2.8 Risk Scenarios
- 2.9 Risk Assessment
- 2.10 Risk Analysis Techniques
- 2.11 BCP and DRP
- 2.12 Risk Mitigation Reduction and Avoidance
- 2.13 Risk Mitigation Transference and Acceptance
- 2.14 Selecting a Mitigation Strategy
- 2.15 Types of Mitigating Controls
- 2.16 Risk and Control Monitoring and Reporting
- 2.17 KRIs
- 2.18 Tools for Risk Monitoring
- 3.1 Information Security Program and Development
- 3.2 Information Security Program Concepts
- 3.3 Information Security Program Requirements
- 3.4 Essential Elements of an Information Security Program
- 3.5 Security Frameworks
- 3.6 Purpose of Architecture
- 3.7 Information Security Frameworks
- 3.8 Security Operations Event Monitoring
- 3.9 Secure Engineering and Threat Modeling
- 3.10 Protecting the Network-Segmentation
- 3.11 Protecting the Network-Wireless Security
- 3.12 Protecting the Network-Services
- 3.13 Protecting the Network
- 3.14 Data and Endpoint Security
- 3.15 Identity and Access Management
- 3.16 Third-Party Governance
- 3.17 Policies Procedures Standards and Guidelines
- 3.18 Certification and Accreditation
- 4.1 BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan)
- 4.2 Incident Management Processes
- 4.3 Roles and Responsibilities
- 4.4 Making the case for incident response
- 4.5 Developing the Incident Response Plan-Capability Assessment
- 4.6 Incident Response Planning Processes
- 4.7 Incident Detection Devices
- 4.8 BCP introduction and steps
- 4.9 BIA
- 4.10 BCP Roles and Responsibilities
- 4.11 DRP basics
- 4.12 Revision
Senior Business Analyst
CISM is an acronym for Certified Information Security Manager.
The Certified Information Security Manager (CISM) is an industry-recognized certification. CISM is an asset that will distinguish your profile in the job market and enhance your credibility and effectiveness working in the IT Security domain. CISM is a key certification for information security professionals who manage, design, oversee and assess enterprise information security.
Training duration is 3 days (23 Contact Hours).
Yes, at the end of the program, every participant receives a soft copy of the course completion certificate by email, which states that you have successfully completed the course.
All open house sessions are conducted only on weekends for the convenience of working professionals who wish to attend.
At Vinsys, we create our schedules as per your preferences of location and time. You can put in a request to arrange a training program in your organization and we will be there to provide you with the best corporate training experience of your life!
At Vinsys, we offer the most cost-effective, professional IT training programs. If you are an individual or a working professional, please do check our updated course calendar for CISM Certification Training Program here.
For our tailor-made (as per your team’s availability and convenience) and specially scheduled CISM programs, write to us at firstname.lastname@example.org or fill out the inquiry form.
Along with the training sessions, we provide the required course material, a set of practice questions for your exam preparation and access to our tech-enabled Learning Labs to create a dynamic learning experience for you.
Following is the CISM Certification cost as per ISACA which may be subject to change. Please get in touch with us for queries.
For early registration:
- ISACA Member: US $525
- Non-member: US $710
For final registration:
- ISACA Member: US $575
- Non-member: US $760
Training sessions at Vinsys are conducted by certified experts who have practical working experience as well as training experience. Our facilitators hold 20+ years of experience in Information Security Management and are recognized globally for their expertise in the field of Information Security Management.
In this training program, you will gain a thorough understanding of CISM IT Security and Governance including the techniques, frameworks and tools. Grasping the CISM fundamentals will be the perfect foundation for you to work efficiently as an Information Security Manager.
- Experiential and project-based learning
- Guidance from experienced Industry Experts
- ISACA approved training organization & examination centre
- ISACA approved Quality course material
- Post-training support
- Professional career consultation, learning and exam guidance, access to learning labs, and more.
The exam is a multiple-choice paper with 200 questions, and the time allowed to complete it is 4 hours.
Clearing the exam requires a score of at least 450 marks out of 800, which means candidates need to achieve at least 65% to pass the exam.
Yes, it is a closed book test.
Vinsys follows a high integrity exam procedure wherein everything is supervised by ISACA accredited personnel.
No, CISM is a computer-based exam.
CISM exam cost and fee details are below:
- Exam Name: Certified Information Security Manager (CISM)
- CISM Exam Cost: For ISACA Members USD 575 and Non-Members USD 760
- Exam Format: Multiple Choice
- Total Questions: 150 Questions
- Passing Score: 400 out of 800
With the launch of continuous testing exam administration in June 2019, ISACA has implemented the following CISM exam retake policy.
Individuals can take an exam four times in a rolling year (the initial attempt and three retakes; the 365-day rolling period is counted from the date of the first exam attempt).
Please note: Individuals retaking an exam are required to purchase a new exam registration for each exam attempt.
After taking and not passing the exam (attempt 1):
- Retake 1 (attempt 2): Candidates must wait 30 days from the date of the first attempt
- Retake 2 (attempt 3): Candidates must wait 90 days after the date of the second attempt
- Retake 3 (attempt 4): Candidates must wait 90 days after the date of the third attempt
You can learn more about Continuous Testing by downloading the Exam Candidate Guide.