The School of Accountancy is now offering the Certified Information Security Manager (CISM®) certification program. CISM is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise's information security (IS).
CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential. The CISM job practice also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires.
Although certification may not be mandatory for you at this time, a growing number of organizations are requiring or recommending that employees become certified. To help ensure success in the global marketplace, it is vital to select a certification program based on universally accepted information security management practices. CISM delivers such a program.
WHY DOES ISACA OFFER AN INFORMATION SECURITY CERTIFICATION?
ISACA's name (Information Systems Audit and Control Association)® reflects its obligation to offer products, services and benefits not only to the information systems audit profession, but to those who play a vital role in information systems control as well. More than 20 years ago ISACA pioneered the Certified Information Systems Auditor (CISA) credential and has developed and offered training programs to information systems auditors, information security practitioners and those involved in information technology governance. Most recognized in the industry are a series of ISACA conferences that are known as CACS (computer audit, control and security). These programs are held each year worldwide and meet the educational needs of a wide variety of information systems professionals. In recent years, ISACA has undertaken other information security and IT control activities: increased focus on security in the Information Systems Control Journal, creation of the IT Governance Institute, and development of research of particular interest and benefit to security management professionals. The maturity of ISACA membership and CISAs and their requested need for an information security credential that goes beyond the practitioner level has led ISACA to the development of the CISM credential.
WHO IS ELIGIBLE TO BECOME CISM CERTIFIED AND WHAT MAKES CISM UNIQUE?
CISM is unique in the information security credential marketplace because it is designed specifically and exclusively for individuals who have experience managing an information security program. Experience requirements and the CISM exam are based on the experience required to competently perform the duties and responsibilities of an information security manager. These requirements and the tasks and knowledge that are tested were developed by information security leaders and later validated by subject matter experts and information security managers. The requirements are designed to measure an individual's management experience in information security situations, not general practitioner skills.
CISM differs from the many other security certifications by virtue of its experience requirements and focus on the job performed by an information security manager. Other security certifications are characterized by a focus on technical skills or platform- or product-specific knowledge, or they are aimed at the practitioner in the earlier years of their career. Only CISM targets the information security manager: the individual who has progressed beyond the practitioner focus, whose emphasis is no longer technical or specialist skills, and who has moved on to the management of an enterprise's information security program. CISM is for the individual who must manage and oversee the enterprise's information security effort, including the practitioners, many of whom may hold other certifications the field offers. The focus on management that makes CISM unique is demonstrated in its experience requirement, which calls for a minimum of three years in information security management, and in its exam focus that is based on the practices performed by information security managers.
CISM EXAMINATION AND STUDENT REGISTRATION
Though CISM is sponsored by ISACA, one need not register with ISACA to be able to pay for the CISM examination. But you can enjoy substantial cost savings on exam fees and study materials by joining ISACA. Registration forms can be downloaded at www.isaca.org.
The CISM exam is offered annually during the months of June and December. The CISA and CISM exams will be held simultaneously; therefore, they cannot be taken on the same day. A candidate is given 4 hours to complete a 200-question multiple-choice exam. The materials purchased for the December 2007 exam can be used in preparation for the December 2008 exam.
Registration for the December 2008 exam opened in July.
DECEMBER EXAM 2008 KEY DATES
Registration:
20 Aug: Early Registration Deadline
ISACA Member US $375
Non-member US $505
24 Sept: Final Registration Deadline
ISACA Member US $425
Non-member US $555
Exam Date: 13 December 2008
Candidates can save US $50 on the exam registration fee by registering online.
QUALIFICATIONS TO EARN THE CISM CREDENTIAL
Qualifying for CISM requires a combination of four "Es": Experience, Ethics, Education and Exam.