While becoming a Certified Information security Manager requires a substantial investment in time and money, alumni can potentially earn six-figure salaries.
Summary: While eligible candidates will need to pay up to $760 to take a Certified Information Security Manager (CISM) exam, the accreditation requires a significant investment in time to prepare properly. To be eligible for entering the exam, candidates must provide verified evidence to prove a minimum of five years of work in information security.
The Certified Information Security Manager (CISM) accreditation is one of the most recognized in the cybersecurity space. Unlike more technically orientated certifications like CCSP or CISSP, it deals specifically with the governance and management of information security strategies. As such, it ties in heavily with business leadership, making it highly sought-after for aspiring Chief Information Security Officers (CISOs) and other management positions.
While preparing for the exam, candidates learn how information security governance and management tie into broader business objectives. The framework deals heavily with the alignment between security and business leadership, thus paving the way towards a range of high-level job roles and titles. Despite not being as popular as the similar CISSP accreditation, there are many good reasons to pursue CISM.
How much experience do candidates need to have?
Candidates can take the CISM exam any time they want, though they should only do so when confident they are ready to pass. However, passing the exam alone does not mean automatic certification. Candidates also need to have a minimum of five years of relevant work experience. They will need to detail their past work experiences and verify them with necessary documentation when applying for the certification after passing the exam.
How much does it cost to enroll in the CISM exam?
Most people will pay $760 to register for the exam. However, existing members of ISACA, the nonprofit organization that grants and maintains the certification, will only have to pay $575. When registering for the exam, candidates must make the payment and take the exam within the following 12-month eligibility period. If they fail to schedule the exam or miss it during this time, they will forfeit the fee and have to pay again should they wish to proceed. It is not possible to defer or extend eligibility under any circumstances.
How much does it cost to maintain a CISM certification?
To maintain a CISM certification, candidates must report at least 20 continuing professional education (CPE) credits each year and a total of at least 120 CPE credits over the three-year reporting cycle. It is possible to earn CPE credits through ongoing training or, more likely, through relevant work experience. This is necessary to maintain the relevance of the certification in the constantly evolving field that is information security.
Candidates also need to pay an annual maintenance fee of $85 for non-members. Members of the ISACA only have to pay $45. For those who hold more than two ISACA certifications, the maintenance costs of any subsequent ones are reduced to $50 for non-members and $25 for members.
Failure to meet these requirements will result in the certification being invalidated. In this case, it will be necessary to take the exam again and pay the usual fee.
How much does it cost to prepare for the exam?
Aside from the time investment required to accrue the necessary professional experience, it is likely that candidates will spend more money on training than on the exam itself. Fortunately, there are many ways to prepare for the exam. Employers may consider investing in their teams by paying for training programs themselves since it offers a proven way to overcome the ongoing information security skills shortage.
At the very least, candidates should invest in the official CISM study materials. While they can assess their current knowledge with a free ISACA account, doing so really only scratches the surface. ISACA’s official review manual costs $135, while the CISM All-in-One Exam Guide costs $40. There are also plenty of unofficial guides available. That being said, official study materials make an ideal accompaniment to formal training programs.
By far, the most expensive pre-exam training options are traditional in-person seminars and boot camps. Employers often pay for these, but they lack flexibility. A better option for most candidates, particularly in remote work, is a self-paced online course. These courses often involve hands-on learning activities that emulate real-world scenarios of the sort that CISMs are likely to encounter in their day-to-day roles. Furthermore, many online courses also offer live webinars and group-focused learning activities, which are also valuable given the highly collaborative nature of information security leadership today.
Cybrary for Teams is an all-one-one workforce development platform that helps organizations develop stronger cybersecurity skills, prepare for new certifications, and track team progress. Enroll your team in our CISM course today!