Certified Information Security Manager
CISM (Certified Information Security Manager ) is an IT security certification. It should be given to experienced managers and professionals the opportunity to show their skills in planning, implementation and control and monitoring of IT security concepts.
Subjects
The CISM exam determines the core competencies of an information security manager and sets internationally recognized standards that IT security professionals need to take into account.
In CISM exam the expertise of the following subjects is queried and evaluated:
- Information security control (Information Security Governance, 21 % share)
- Risk Management ( Risk Management, 21 % share)
- Information Security Program Management (Information Security Program Management, 21 % share)
- Information Security Management ( Information Security Management, 24 % share)
- Response management ( Response Management, 21 % share)
Target group
The exam is intended for IT security professionals who have acquired a solid professional experience through comprehensive activities in the field of occupational safety information.
Requirements
To obtain the certification, a binding proof of at least five years of professional experience in the field of information security has to be provided. Of these five years, at least a three-year activity must be demonstrated in at least three of the subjects listed above.
In addition, the following certifications in the field of information security are considered sufficient professional experience in information security:
- Two years? Certified Information Systems Auditor ( CISA )
- Certified Information Systems Security Professional ( CISSP )
- Academic degree in information security or a related field (eg business administration, information systems, information assurance)