{"id":20027,"date":"2018-06-08T15:50:36","date_gmt":"2018-06-08T20:50:36","guid":{"rendered":"http:\/\/www.kaptest.com\/blog\/prep\/?p=20027"},"modified":"2020-09-11T20:42:00","modified_gmt":"2020-09-11T20:42:00","slug":"what-is-the-cism-certification","status":"publish","type":"post","link":"https:\/\/wpapp.kaptest.com\/study\/cybersecurity\/what-is-the-cism-certification\/","title":{"rendered":"What is the CISM Certification?"},"content":{"rendered":"<p><span style=\"font-weight: 400\">CISM, which stands for Certified Information Security Manager, is a certification provided by ISACA (Information Systems Council Audit and Control Association) that indicates the ability of an individual to merge information security with the business goals of a company. It emphasizes how management skills relate to IT security. It\u2019s perfect for anyone in the infosec field with an interest in the managerial aspects of information security, as opposed to the technical aspects. This could include IT managers, consultants, auditors, and any chief financial officer, as well as anyone hoping to attain one of these positions in the future.<\/span><br \/>\n&nbsp;<br \/>\n<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h3    avia-builder-el-0  el_before_av_heading  avia-builder-el-first  '><h3 class='av-special-heading-tag '  itemprop=\"headline\"  >Why Become a CISM?<\/h3><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\n<span style=\"font-weight: 400\">There are a few key reasons why it\u2019s worth it to become a CISM if you\u2019re involved or want to be involved in the information security programs of a country. <\/span><i><span style=\"font-weight: 400\">First, <\/span><\/i><span style=\"font-weight: 400\">it gives you a foundational knowledge of ITS and managerial concepts. 
<\/span><i><span style=\"font-weight: 400\">Second<\/span><\/i><span style=\"font-weight: 400\">, it often comes with a pay raise. According to <\/span><a href=\"http:\/\/certmag.com\/salary-survey-plus-cybersecurity-certs-big-money\/\"><span style=\"font-weight: 400\">Certification Magazine\u2019s most recent data<\/span><\/a><span style=\"font-weight: 400\">, the average pay for a CISM is $127,063, at the top of a list of 163 different security certifications. <\/span><i><span style=\"font-weight: 400\">Third<\/span><\/i><span style=\"font-weight: 400\">, employers love it&#8211; and for good reason:<\/span><\/p>\n<ul>\n<li>It\u2019s a good way to screen potential employees. If someone is a CISM, it generally means that they have the foundational knowledge to make smart information security and managerial decisions.<\/li>\n<li><span style=\"font-weight: 400\">Having CISMs on board lends security credibility to the company.<\/span><\/li>\n<li><span style=\"font-weight: 400\">CISMs are able to assess company practices and policies and make changes that lead to more secure information practices.<\/span><\/li>\n<li><span style=\"font-weight: 400\">It leads to customer retention because having CISMs as part of the team demonstrates real commitment to security.<\/span><\/li>\n<\/ul>\n<p><div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h3    avia-builder-el-1  el_after_av_heading  el_before_av_heading  '><h3 class='av-special-heading-tag '  itemprop=\"headline\"  >How do You Become a CISM?<\/h3><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\nThere are four main steps to becoming a CISM: the CISM exam, work experience, agreement to a code of ethics, and continuing education.<br \/>\n<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h4    avia-builder-el-2  el_after_av_heading  el_before_av_promobox  '><h4 class='av-special-heading-tag '  
itemprop=\"headline\"  >The CISM Exam<\/h4><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\n<span style=\"font-weight: 400\">The CISM Exam consists of 150 multiple-choice questions covering the following topics: <\/span><\/p>\n<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Governance<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Risk Management<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Program Development and Management<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Incident Management<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">You have 4 hours to take the exam, and in order to pass you have to earn a score of at least 450 out of 800. Click here f<\/span><span style=\"font-weight: 400\">or <a title=\"CISM exam prep\" href=\"https:\/\/www.cybervista.net\/certify\/cism\/?utm_source=kaptest&amp;utm_medium=web\">CISM exam prep options<\/a>.<\/span><br \/>\n\t<div   class='av_promobox  avia-button-yes   avia-builder-el-3  el_after_av_heading  el_before_av_heading '>\t\t<div class='avia-promocontent'><p>\nTo learn more about the anatomy of the CISM exam, download this comprehensive guide to the exam. 
It includes info about the exam structure, content, application process, and general reasons as to why you should consider getting this in-demand certification.<\/p>\n<\/div><div  class='avia-button-wrap avia-button-right ' ><a href='https:\/\/start.cybervista.net\/cism-anatomy-guide-download?utm_source=kaptest&amp;utm_medium=web'  class='avia-button  avia-color-theme-color   avia-icon_select-no avia-size-large avia-position-right '   ><span class='avia_iconbox_title' >Free Guide<\/span><\/a><\/div><\/div><br \/>\n<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h4    avia-builder-el-4  el_after_av_promobox  el_before_av_heading  '><h4 class='av-special-heading-tag '  itemprop=\"headline\"  >Work Experience<\/h4><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\n<span style=\"font-weight: 400\">In order to become a CISM, you have to report at least five years of work experience in the information security field. Three of these years have to span three of the following job practice areas, which you\u2019ll notice are the same as the CISM exam topics: <\/span><\/p>\n<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Governance<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Risk Management<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Program Development and Management<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Information Security Incident Management<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">These five years of job experience have to come either in the ten years before you take the CISM exam, or within five years after you take the exam. 
<\/span><br \/>\n<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h4    avia-builder-el-5  el_after_av_heading  el_before_av_heading  '><h4 class='av-special-heading-tag '  itemprop=\"headline\"  >Code of Ethics<\/h4><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\nISACA provides a strict <a title=\"CISM code of ethics\" href=\"http:\/\/www.isaca.org\/Certification\/Code-of-Professional-Ethics\/Pages\/default.aspx\">CISM code of ethics<\/a> that CISMs are expected to follow.<br \/>\n<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h4    avia-builder-el-6  el_after_av_heading  el_before_av_promobox  '><h4 class='av-special-heading-tag '  itemprop=\"headline\"  >Continuing Education<\/h4><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div><br \/>\n<span style=\"font-weight: 400\">To ensure that CISMs are up to date with the latest technology, security practices, etc., ISACA requires CISMs to complete a certain number of continuing education hours every year. This allows the ISACA to make sure that their certifications are producing qualified CPEs.<\/span><br \/>\n<span style=\"font-weight: 400\">Once you\u2019re certified, in order to maintain your CISM you have to attain and report a minimum of 120 CISM continuing education hours within three years, starting on 1 January after your certification. 
Additionally, every year following these three years CISMs have to attain and report at least 20 CISM continuing education hours, counting from 1 January, and pay an annual maintenance fee.<\/span><br \/>\n<span style=\"font-weight: 400\">ISACA says of these continuing education hours, \u201c<\/span><span style=\"font-weight: 400\">This training must be directly applicable to the management, design or assessment of an enterprise\u2019s information security or the improvement of those skills.\u201d <\/span><span style=\"font-weight: 400\">These continuing education hours can come in a number of forms, but a few examples are as follows: <\/span><\/p>\n<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">ISACA-sponsored conferences and courses <\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">University or self-paced courses relating to the management of security information systems<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Publication of articles or books in this field<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Exam question development or review<\/span><\/li>\n<\/ul>\n\t<div   class='av_promobox  avia-button-yes   avia-builder-el-7  el_after_av_heading  avia-builder-el-last '>\t\t<div class='avia-promocontent'><p>\nFor more information about the CISM exam, click here!<\/p>\n<\/div><div  class='avia-button-wrap avia-button-right ' ><a href='https:\/\/www.kaptest.com\/study\/cybersecurity\/whats-tested-on-the-cism-exam\/'  class='avia-button  avia-color-theme-color   avia-icon_select-no avia-size-large avia-position-right '   ><span class='avia_iconbox_title' >What is Tested on the CISM Exam?<\/span><\/a><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>CISM, which stands for Certified Information Security Manager, is a certification provided by ISACA (Information Systems Council Audit and Control Association) that indicates the ability 
of an individual to merge information security with the business goals of a company. It emphasizes how management skills relate to IT security. It\u2019s perfect for anyone in the infosec [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":28694,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[421],"tags":[420],"_links":{"self":[{"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/posts\/20027"}],"collection":[{"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/comments?post=20027"}],"version-history":[{"count":2,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/posts\/20027\/revisions"}],"predecessor-version":[{"id":35567,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/posts\/20027\/revisions\/35567"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/media\/28694"}],"wp:attachment":[{"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/media?parent=20027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/categories?post=20027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpapp.kaptest.com\/study\/wp-json\/wp\/v2\/tags?post=20027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}