Certified Information Security Manager, CISM®

Private in-house training
Apart from public, instructor-led classes, we also offer private in-house training for organizations based on their needs. Call us at +852 2116 3328 or email us at [email protected] for more details.
About the Certification
  • Awarded by the Information Systems Audit and Control Association (ISACA)
  • Designed for those who manage, design, oversee and assess an enterprise’s information security function
  • Official Website: http://www.isaca.org/
Training Outlines
  • Domain 1 — Information Security Governance (17%)
  • Domain 2 — Information Risk Management (20%)
  • Domain 3 — Information Security Program Development and Management (33%)
  • Domain 4 — Information Security Incident Management (30%)
Training Highlights
  • 21-hour intensive examination preparation workshop
  • Conducted by a renowned, experienced industry expert
  • A real case study will be used, with experience sharing
  • Eligible for 21 units of PDU / CPE
Examination Highlights
  • The CISM® exam is based on 200 questions and the maximum allotted time for candidates to complete it is 4 hours
  • CISM® uses what is known as an 800-point maximum scale, with a scaled score of 450 being the lowest passing score
Chartered Requirements
  • Pass the CISM® examination
  • Five (5) or more years of experience in information security management. Experience waivers are available for a maximum of two (2) years
  • After passing the exam, candidates are required to pay the US$50 application processing fee
  • CISM® Charter holders need to pay an annual maintenance fee of US$45 for ISACA members and US$85 for ISACA non-members
  • Recertification is required every three years. CISM® Charter holders are required to earn 120 Continuing Professional Education (CPE) credits every 3 years, with a minimum of 20 CPEs earned each year after certification
  • More details: https://www.isaca.org/credentialing/cism/get-cism-certified


  • Experience in providing regulatory compliance, internal control, incident assessment and IT risk and security consultation services for numerous local and international financial institutions
  • Acts as Technology Risk and Assurance leader in a government authority, providing regulatory and supervisory services
  • Collaborates with the banking industry and other organizations (such as SFC and IA) in various technology risk management or fintech initiatives
