Certified Information Security Manager April 15 - 26, 2024

CISM certification indicates expertise in information security governance, program development and management, incident management and risk management. The CISM certification promotes international practices and validates your knowledge and experience around effective security management and consulting. The four CISM domains include:

Security governance: To effectively address the challenges of protecting an organization’s assets, senior management must define the desired outcomes of the information security program.

Risk management: Asset classification and valuation is an essential part of an effective risk management program — the greater the value, the greater the impact, the greater the risk.

Information security program development and management: The purpose of this area is to implement management’s governance strategy — the “due diligence” and “due care” of protecting the corporation’s assets.

Information security incident management: This area focuses on effectively managing unexpected (and expected) events, which may or may not be disruptive, and can be summed up in five words: identify, protect, detect, respond and recover.