CISM certification program was developed by the Information Systems Audit and Control Association (ISACA) for experienced Information security management professionals with work experience in developing and managing information security programs and who understand the relationship of the program with the overall business goals. The CISM exam is offered three times a year (June, September, and December), The American National Standards Institute (ANSI) has accredited the CISM certification program under ISO/IEC 17024:2003, General Requirements for Bodies Operating Certification Systems of Persons.

In-depth coverage of the four domains required to pass the CISM exam:

1. Information Security Governance

2. Information Risk Management and Compliance

3. Information Security Program Development and Management

4. Information Security Incident Management

PREREQUISITES

To apply for CISM certification, you must have five or more years of work experience in information

security management, with at least three years of that experience in three or more of the job practice analysis areas - or domains - listed below. At the discretion of ISACA, you may use some security-

related certifications and information systems management experience to satisfy up to two years of the required five years of experience.

About the Exam

Number of Questions -Domain 1 - 150

- Domain 2 - 150

- Domain 3 - 150

- Domain 4 - 150

Types of questions - Multiple choice and performance-based

Length of test - 200 minutes for each domain

Passing Marks - 75% for each Set