This document provides information about the Certified Information Security Manager (CISM) certification. It discusses what a CISM is, the benefits of becoming certified, where CISM professionals work, what makes the CISM unique, its target market, the job practice areas covered, and how to prepare and study for the certification exam. The CISM certification demonstrates expertise in managing information security programs and applying security best practices. It is intended for those who design, implement, and manage enterprise security programs.
3. What is a CISM?
• Demonstrate your information security management expertise. The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, oversees and assesses an enterprise’s information security.
4. What is a CISM? (continued)
• Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives
• Distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program
• Puts you in an elite peer network
• Is considered essential to ongoing education, career progression and value delivery to enterprises.
5. Why Become a CISM?
Enhanced Knowledge and Skills
• To demonstrate your willingness to improve your technical knowledge and skills
Career Advancement
• To demonstrate to management your commitment toward organizational excellence
• To obtain credentials that employers seek
• To enhance your professional image
Worldwide Recognition
• To be included with other professionals who have gained worldwide recognition
6. CISM in the Workplace
• Almost 700 are employed in organizations as the CEO, CFO or equivalent executive position.
• More than 200 serve as chief audit executives, audit partners or audit heads.
• Over 2,000 serve as CIOs, CISOs, or chief compliance, risk or privacy officers.
• More than 7,100 are employed as security directors, managers or consultants and related staff.
• Over 3,000 are employed as IT directors, managers, consultants and related staff.
• Nearly 2,300 serve as audit directors, managers or consultants and related staff.
• More than 2,400 are employed in managerial, consulting or related positions in IT operations or compliance.
7. CISM Uniqueness
What makes CISM unique?
• Designed exclusively for information security managers
• Criteria and exam developed from job practice analysis validated by information security managers
• Experience requirement includes information security management
8. CISM Target Market
What is the CISM Target Market?
• Individuals who design, implement and manage an enterprise’s information security program
– Security managers
– Security directors
– Security officers
– Security consultants
9. CISM Job Practice (Effective June 2012)
1. Information Security Governance (24%) - Establish and maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives, information risk is managed appropriately and program resources are managed responsibly.
2. Information Risk Management and Compliance (33%) - Manage information risk to an acceptable level to meet the business and compliance requirements of the organization.
3. Information Security Program Development and Management (25%) - Establish and manage the information security program in alignment with the information security strategy.
4. Information Security Incident Management (18%) - Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.
For more details visit www.isaca.org/cismjobpractice
11. How to Develop a CISM Study Plan
A proper study plan consists of several steps:
• Self-appraisal
• Determination of the type of study program
• Having an adequate amount of time to prepare
• Maintaining momentum
• Readiness review
Become involved in your local chapter and explore networking opportunities and study groups.
12. How to Study for the Exam
• Read the Candidate’s Guide thoroughly
• Study the Review Manual
• Work through the Review Questions, Answers & Explanations Manual, Supplement and CD
• Participate in an ISACA Chapter Review Course
• Read literature in areas where you need to strengthen skills
• Join or organize study groups
13. Thank you for your attention!
More information about the ISACA certification training courses being organized can be found at www.bka.lt
Contact us by phone at 8 5 2780502 or by e-mail at mokymai@bka.lt