ISACA CISM Exam Prep

Provided by

Overview

This official ISACA Certified Information Security Manager (CISM) self-study e-learning course is designed to develop expertise in information security governance, risk management, program development, and incident management. Recognised globally, CISM certification demonstrates a deep understanding of security operations, compliance, and enterprise-wide security strategy.

Learners must book onto the QA ISACA CISM Exam Prep event to receive access to the e-learning materials. Within 48 hours of booking, they will receive 12 months of digital courseware, study resources, and an official ISACA CISM exam voucher. Attendance at the instructor-led event is not mandatory, but booking is required. Learners have the flexibility to reschedule their prep event if needed.

These monthly sessions, hosted by an ISACA-authorised instructor, provide guidance on study techniques, navigation of ISACA;s learning platform, and exam preparation strategies.

CISM is a DoD 8570 Baseline Certification and meets DoD 8140/8570 training requirements, making it highly valuable for professionals in cybersecurity and risk management roles.

+

Prerequisites

There are no formal prerequisites for taking this course. However, to obtain CISM certification, learners must:
  • Pass the CISM examination
  • Submit a certification application and pay a $50 ISACA application fee
  • Adhere to ISACA;s Code of Professional Ethics
  • Commit to Continuing Professional Education (CPE) requirements
  • Comply with ISACA;s Information Security Standards
The CISM exam is open to anyone interested in information security, but certification requires at least five years of professional experience in information systems security, auditing, or risk management.
Target audience

This course is ideal for professionals looking to advance their careers in information security, governance, and risk management. Suitable roles include:
  • Information security managers
  • IT security professionals
  • Security consultants and auditors
  • Cybersecurity officers and risk managers
  • Compliance and governance professionals
+

Delegates will learn how to

By completing this course, learners will be able to:
  • Understand the principles of information security governance and compliance
  • Implement risk management frameworks and security controls
  • Develop and manage enterprise security programs
  • Establish effective incident management and response strategies
  • Align security programs with organisational goals and business objectives
+

Outline

Introduction to Certified Information Security Manager (CISM)
  • Course objectives and expectations
  • Understanding information security fundamentals
  • Goals and principles of information security
Domain 1: Information security governance (17%)
  • Introduction to information security governance
  • Developing an effective security governance framework
  • Managing third-party security relationships
  • Defining security strategy, metrics, and compliance requirements
  • Aligning security governance with business objectives
Domain 2: Information risk management and compliance (20%)
  • Risk management principles and frameworks
  • Conducting risk assessments and impact analysis
  • Asset classification and valuation
  • Security control baselines and compliance requirements
  • Implementing risk monitoring and mitigation strategies
  • Security awareness training and documentation
Domain 3: Information security program development and management (33%)
  • Developing a comprehensive security program
  • Establishing security program objectives and frameworks
  • Integrating security controls and enterprise architecture
  • Managing security operations and compliance
  • Measuring security performance and operational effectiveness
  • Addressing common security program challenges
Domain 4: Information security incident management (30%)
  • Incident response planning and execution
  • Defining incident management procedures and objectives
  • Business continuity and disaster recovery planning
  • Investigating and reporting security incidents
  • Legal and regulatory considerations
  • Adhering to the ISACA Code of Professional Ethics
Exams and assessments

This course includes an online ISACA CISM exam voucher. Learners will complete the exam independently and must meet ISACA;s certification requirements for official accreditation.

+

Related article

The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,