In this video, Marc Menninger describes the CISM certification. Learn how this certification can be important to your IT security career. Discover topics you can expect to see on the exam and whether there are any experience requirements to take it. Explore which jobs often require the CISM certification and resources to help you prepare for it.
- [Instructor] The Certified Information Systems Manager, or CISM certification, offered by ISACA validates your knowledge of IT security management principles. You will be tested on your understanding of how to manage, design, oversee, and assess an organization's information security program. The CISM is an advanced certification for experienced IT security professionals. In order to take the exam, you need to have five years of information security work experience with a minimum of three years of information security management work experience.
Your work experience must be gained within ten years prior to applying for the CISM certification or within five years of passing the exam. A waiver for up to three years of the work experience requirement is available based on previous employment or educational history. Topics you can expect to see on the exam include Information security governance, Information risk management and compliance, Information security program development and management, and Information security incident management.
IT security job listings that often require the CISM certification include IT security managers, directors, consultants, auditors, architects, and engineers. All the resources you need to study for the CISM are available from the ISACA website. The CISM Review Manual is the official ISACA reference manual for the exam. CISM Review Questions, Answers & Explanations is a collection of 950 exam questions.
And the CISM exam study community gives you the chance to study with other security professionals preparing for the exam. For links to these resources and other related information, please see the handout for this video. Once you have the CISM certification, it's valid for three years. You can retain it for longer by obtaining 120 CPEs every three years. Check the ISACA website for more details about getting CPEs. Getting the CISM certification is great for aspiring IT security managers and other security professionals who want to demonstrate their ability to manage information security programs.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- The job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself