Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.


Certified Information Security Manager (CISM)

via Cybrary


The CISM certification by ISACA was uniquely designed for information security management. This certification ensures that global cybersecurity and information assurance managers are equipped to prepare their organization with security and assurance best practices throughout all reaches of the organization that interact with any data systems. The CISM is ANSI accredited and has a global position as a leader in the field of information assurance management. ISACA intentionally limits the CISM certification to specific date ranges and certain locations per year. This helps to protect the certification's exclusivity.

More information about the CISM certification and exam can be found on the ISACA website.

In this CISM online training, you will be prepared by a popular subject matter expert instructor,Kelly Handerhan, to understand the core concepts and prepare for the CISM certification exam. This online course assures that you have experience in the field of information assurance management. It is designed for management-level security professionals or people with experience in the CISM job practice areas.

About Our CISM Online Training

The Certified Information Security Manager is a highly coveted certification within the IT field and can often bring higher pay and faster advancement within an organization. The CISM develops, manages, and oversees information security systems and is responsible for developing an enterprise's information security strategy.

Cybrary's CISM course is a great fit for IT and cybersecurity professionals looking to move up in their organization and advance their careers to a more managerial position and/or current CISM professionals looking to learn about the latest trends in the IT industry.

Key topics in our online CISM training course include:

  • Information Security Governance
  • Information Risk Management and Compliance
  • Information Security Program Development and Management
  • Information Security Incident Management

CEU / CPE: 10 Total Clock Hours: 7 hrs, 9 min

What Does the CISM Online Training Course Entail?

The Certified Information Security Manager (CISM) online training course prepares students for certification to become a CISM, which is a highly-regarded credential in the IT industry. With the certification, employees often earn a higher salary and have more opportunities for career advancement within their organizations.

Once completed, you will have all the tools and knowledge to successfully pass the CISM certification examination, which ensures that you will be equipped to provide your company with security and assurance best practices in all areas of the business that involve data systems.

This course is taught by a subject matter expert instructor who will teach you how to become a management-level security professional. You will receive a Certificate of Completion upon finishing the training course.

All of our courses are online and self-paced, allowing you to practice and work on your CISM exam prep on your own schedule. You can learn the skills needed for CISM certification anytime and anywhere you have an Internet connection.

What are the Prerequisites for the CISM Training?

While there are not any prerequisites for the CISM training, it is required that you have five years of security experience and the appropriate education to obtain CISM certification. The five years must include at least three years of information security management work experience in three or more job practice analysis areas. It is also required that you agree to the CISM Code of Professional Ethics.

Who Should Take this CISM Course?

The CISM online class is designed for professionals like network engineers, network administrators, IT auditors, IT managers, and any other individuals in the information technology field who want to learn more about the information security management framework. Advance your career in IT security by earning a CISM certification.

What Does someone who is CISM certified do?

Many corporations and government agencies now require that their information security and information technology professionals have a CISM certification. Ultimately, someone who is CISM certified is responsible for ensuring that the organization's information security strategies are aligned with the business objectives. Certified Information Security Managers are often required to:

  • Provide guidance, leadership, and training to information security employees
  • Review, implement, document, and update policies and procedures related to information security for the organization
  • Manage security incidents and lead the incident response
  • Manage security audits and threat and vulnerability assessments
  • Direct responses to any network or system intrusions
  • Ensure that all legal and contractual information security is compliant with rules and regulations and communicating with executive management via compliance reports and audit findings
  • Detecting and preventing intrusion
  • Implement and manage strategies to protect network security overall
  • Manage the information security team and their everyday job expectations
  • Evaluate costs and budget for technology changes
  • Hire new staff and obtain new resources for future technology requirements and projects

Specific responsibilities may differ depending upon the organization, its size, and its security needs.

What Is Involved in the CISM Exam?

The CISM certification exam is offered by the Information Systems Audit and Control Association (ISACA) in three testing windows throughout the year. Candidates for certification must prove at least five years of applicable work experience within the last 10 years (you can view exceptions for work experience on the ISACA website).

The four-hour-long exam consists of 150 questions about the four CISM domains:

  1. Information Security Governance
  2. Information Risk Management and Compliance
  3. Information Security Program Development and Management
  4. Information Security Incident Management

To successfully pass the CISM exam, you must score at least 450 on a 200-800 point scale. This is not a percentage or numeric percentage; the score is a conversion of your raw score to a common scale.

Once you have passed the CISM exam, you can apply for certification if all other requirements are met. Your certification is valid for three years and can be renewed through Continuing Professional Education (CPE) credits.


  • Introduction
    • Is CISM for me
    • Welcome and Intro
  • Information Security Governance
    • Introduction
    • Priorities for the CISM
    • Priorities for the CISM Part 2
    • Priorities for the CISM Review Questions
    • Corporate Governance
    • Evaluating the Security Environment
    • Information Security Program
    • Security Strategy
    • Roles and Responsibilities
    • Reporting and Compliance
    • Code of Ethics
    • Summary and Review
  • Information Risk Management and Compliance
    • Risk Management Intro
    • Risk Identification
    • Information Security Program Basics
    • Administrative Controls
    • Asset Threats and Vulnerabilities
    • Risk Register
    • Frameworks
    • Information Security Architecture
    • Risk Scenarios
    • Risk Scenarios Continued
    • Risk Assessment Introduction
    • Examples of Risk Analysis Techniques
    • Risk Assessment
    • BCP and DRP
    • Creation of BCP and DRP
    • Risk Mitigation Reduction and Avoidance
    • Risk Mitigation Transference and Acceptance
    • Selecting a Mitigation Strategy
    • Types of Mitigating Controls
    • Risk and Control Monitoring and Reporting
    • KRI's
    • Tools for Risk Monitoring
  • Information Security Program Development and Management
    • Information Security Program and Development
    • Information Security Program Concepts
    • Information Security Program Requirements
    • Essential Elements of an Information Security Program
    • Security Frameworks
    • Purpose of Architecture
    • Information Security Frameworks
    • Security Operations Event Monitoring
    • Secure Engineering and Threat Modeling
    • Protecting the Network-Segmentation
    • Protecting the Network-Wireless Security
    • Protecting the Network-Services
    • Protecting the Network through Detection and Network Access Control
    • Data and Endpoint Security
    • Identity and Access Management
    • Third Party Governance
    • Policies Procedures Standards and Guidelines
    • Certification and Accreditation
    • Domain 3 Wrap-up
  • Information Security Incident Management
    • BCP and DRP
    • Incident Management Processes
    • Roles and Responsibilities
    • Making the case for incident response
    • Developing the Incident Response Plan-Capability Assessment
    • Incident Response Planning Processes
    • Incident Detection Devices
    • BCP steps
    • BCP Intro
    • BCP Step 1
    • Business Impact Analysis Step 2
    • BCP Step 3
    • BCP Step 4
    • Analyze and Update a Company BCP/BIA/DRP/CIRP
    • BCP Roles and Responsibilities
    • BCP subplans
    • Testing the Plan
    • ISACA CISM - Certified Information Security Manager

Taught by

Kelly Handerhan


4.0 rating, based on 1 Class Central review

Start your review of Certified Information Security Manager (CISM)

  • Gilberto Antonio
    Was very great to participate in this course, will help me to understand some security issues happening in my organization,
    Now, Iam ability to understand and make part of all cycle life’s process to information security in my organization.

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.