Certified Information Systems Security Manager
The management-focused CISM is a unique certification for individuals who design, build and manage enterprise information security programs. The CISM certification promotes international practices, and individuals earning the CISM become part of an elite peer network, attaining a one-of-a-kind credential.
The CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities.
The CISM Certification Committee oversees the development of the exam and ensures the currency of its content. Questions for the CISM exam are developed through a comprehensive process designed to ensure the ultimate quality of the exam. The process includes a Test Enhancement Subcommittee (TES) that works with item writers to develop and review questions before they are submitted to the CISM Certification Committee for review.
A job practice serves as the basis for the exam and the experience requirements to earn the CISM certification. This job practice is periodically updated and consists of five content areas (domains). The domains and the accompanying tasks and knowledge statements were the result of extensive research and feedback from subject matter experts around the world.
The tasks and knowledge statements depict the tasks performed by CISMs and the knowledge required to perform these tasks. Exam candidates will be tested based on their practical knowledge associated with performing these tasks.
The current job practice analysis contains the following domains and percentages:
- Information Security Governance (23%)
- Information Risk Management (22%)
- Information Security Program Development (17%)
- Information Security Program Management (24%)
- Incident Management and Response (14%)





