Certified Information Security Manager (CISM) is a certification for professionals involved in IT security management and governance. It is offered by ISACA (Information Systems Audit and Control Association), a global organization that promotes best practice in information systems management. Earning the CISM credential supports career advancement, because CISM is ranked among the most sought-after IT certifications with the highest pay scales. The certification is accredited under ISO/IEC 17024:2003, promotes international security best practices, and provides recognition for the holder. Let us look more closely at this certification: its benefits, exam details, and pay scale.


Benefits of CISM Certification:

  • It enables professionals to develop and manage an information security program.
  • Moreover, professionals can tailor security practices to a specific company.
  • Professionals can work anywhere across the globe, as the credential is recognized by multinational clients and organizations.
  • Firms hiring these professionals gain and retain more customers owing to the deployment of stringent security controls.

Why Do Employers Seek CISMs?

Employers at enterprises and government agencies seek CISMs and expect their existing professionals to hold the certification, because CISM-certified employees are able to:

  • Identify critical issues and tailor security practices to the company
  • Bring credibility to the organization by supporting and governing information security
  • Demonstrate to customers the company's commitment to security and integrity
  • Contribute to compliance efforts, attract new customers, and retain existing ones
  • Enhance the organization's security program and related objectives

Exam Details of CISM:

The CISM exam covers four information security management areas, known as domains:

  • Domain 1: Information Security Governance (24%)
  • Domain 2: Information Risk Management (30%)
  • Domain 3: Information Security Program Development and Management (27%)
  • Domain 4: Information Security Incident Management (19%)

Exam Hours: The exam lasts about 4 hours and comprises 150 multiple-choice questions.

Exam Score: As per the rules, the candidate must receive a scaled score of 450 or higher to pass the exam.

Uniqueness of CISM Certification

It directly caters to the job profile of the Information Security Manager.

Eligibility to take the CISM exam:

Professionals in the roles listed below are eligible to take the exam.

  • IS/IT Auditors
  • IS/IT Consultants
  • IS/IT Audit Managers
  • Security Professionals
  • Non-IT Auditors

Applying for the Exam:

The latest news about the CISM exam is available on the official website. Exam registration dates, current criteria, prerequisites, and all other details needed to register, create an account, or obtain student membership are available on the site.

Renewal of CISM Certification:

The certification can be renewed by submitting the required CPE (continuing professional education) hours and the specified fees.


CISM is the most sought-after IT credential, as the course is designed around the job profile of the Information Security Manager. It is one of the highest-paying IT certifications: the median salary for CISM holders is Rs 1,546,786 [Source: PayScale]. The differentiating factor of this certification is that it merges the IT auditing role with information security implementation. The certification is accepted across the world, as it addresses security strategy and assesses policies and procedures against business needs.
