CISM Course Overview

5-DAY also Online


The CISM (Certified Information Security Manager) certification is the primary certification for information security professionals who manage, design, oversee and/or assess an enterprise’s information security.

In comparison to other certifications, CISM covers a wide body of knowledge. It is therefore recommended by the sponsoring organization, ISACA, that those sitting for the CISM certification attend a training session.

InfoSec Institute offers the most comprehensive CISM review course in a 5 day boot camp format for those wishing to thoroughly prepare for the CISM exam. Every student attending the CISM Boot Camp progresses through a number of skill checks to ensure knowledge is retained. The instructors for the CISM Boot Camp are certified with the CISM designation, and many of them serve on local ISACA boards. Check with an account representative for instructor credentials.
InfoSec Institute helps you achieve the prestigious CISM certification via our highly popular 5 day CISM Boot Camp. Our bootcamp is specifically designed to cover the new material that will be on the 2012 exams.




Attention DoD Information Assurance Workers: The InfoSec Institute CISM Boot Camp meets the 8570.1 compliance mandate.

  • 93.5% Pass Rate!
  • The Industry-recognized leader!
  • Massive Review Session
"...provides a very direct and focused review and provides a framework for understanding how to approach the exam, unlike any other in the industry."

Rob Carey
President, ISSA S.FL

What You'll LEARN & DO

Upon completion of our CISM Boot Camp, students will understand:

  • Information Security Governance
  • An information security steering group function
  • Legal and regulatory issues associated with Internet businesses, global transmissions and transborder data flows
  • Common insurance policies and imposed conditions
  • Information security process improvement
  • Recovery time objectives (RTO) for information resources
  • Cost benefit analysis techniques in assessing options for mitigating risks, threats and exposures to acceptable levels.
  • Security metrics design, development and implementation.
  • Information security management due diligence activities and reviews of the infrastructure.
  • Events affecting security baselines that may require risk reassessments
  • Changes to information security requirements in security plans, test plans and reperformance
  • Disaster recovery testing for infrastructure and critical business applications.

  • The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.
  • External vulnerability reporting sources
  • The key components of cost benefit analysis and enterprise migration plans
  • Privacy and tax laws and tariffs, data import/export restrictions, restrictions on cryptography, warranties, patents, copyrights, trade secrets, national security
  • CISM information classification methods
  • Life-cycle-based risk management principles and practices.
  • Security baselines and configuration management in the design and management of business applications and the infrastructure.
  • Acquisition management methods and techniques
  • Evaluation of vendor service level agreements, preparation of contracts
  • CISM question and answer review

The best in the world come train with us

See what our students are saying

  • Ryan Argomaniz

    CISSP, Bank of America

    "test reflected the study materials well"

    "I think the amount of time was appropriate, the information was relevant and well-summarized, and the test reflected the study materials well. My instructor did a great job. My Training Sales Representative has also been very helpful and I am glad that he had taken a great interest to follow up during class with the students. I am very pleased with InfoSec Institute and the entire process."

  • Rob Carey
    CISSP, President South Florida Chapter of ISSA

    "unlike any other in the industry"

    "This boot camp provides a very direct and focused review and provides a framework for understanding how to approach the exam, which is unlike any other in the industry. Provided that you follow their program closely, including advance study of the materials they provide as a part of their comprehensive package, this camp will be a week very well spent."

  • Kevin Boland

    Bentley Systems, Inc.

    "I never had a better instructor teach a class. I do mean ever."

    "The instructor was superb. I never had a better instructor teach a class. I do mean ever. He kept it entertaining as well as informational. He was able to apply theory along with real world examples. He stayed late to teach us on topics and discuss. He was truly top notch. ... I will be taking another class from your school in the future. Along with recommending my friends to your school"

  • "ability to make material interesting and fun is rare"

    "As I mentioned before-the instructor's ability to make material interesting and fun is rare. He truly motivates you to not only pass the certification but, to become an IT security "Jedi" & live by the warrior code."

CISM Boot Camp Review By Brian Potvin, Deputy Chief, Common Data Link Systems at United States Air Force
Rating: 5 out of 5.
Great instructor. He was extremely knowledgeable, and knew when it was time to relax and have a laugh. I really enjoyed this class.

Certifications & Compliance

Get CISM Certified!

The Certified Information Security Manager® (CISM®) certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise’s information security (IS).

The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential.

The CISM job practice also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires.


Pricing for our CISM Training Course


1 required exam: CISM Exam, offered June/Dec. Must score 450 out of 800 to pass the CISM.

Experience: A minimum of 5 years of professional information security experience

Agreement with a Code of Professional Ethics

CPE: 20 continuing education credits required annually


Call (866)-471-0059 or fill out this short form for current pricing


  • Intensive immersion!

    During the five day program, our instructors give you 100% of their time and dedication to ensure that your time is well spent. You will receive an all-inclusive immersion experience, including most meals during your training, so you eat, sleep and train at the learning facility with no distractions!

  • In-class exam prep. 90%+ pass-rate

    InfoSec Institute's practice questions

    Signing up for InfoSec Institute's CISM Boot Camp means more than just attending a five day program. The program starts with quality, targeted prep books shipped directly to you prior to the start of class.

  • Exam-pass guarantee.
    Opportunity to re-sit a classroom-based course for up to one year if you fail the exam. We have a 93.5% pass-rate, so you will most likely NOT get to enjoy this benefit!!


Other Related Tools & Resources For Our Students

We have compiled a collection of CISM information at InfoSec Resources. Some of the articles and features that may be of interest include:

  • ISACA Changes CISM Exam for 2012 (04/23/2012)

    According to ISACA, the CISM certification is changing to reflect the new CISM job practice analysis. (Source: ISACA’s CISM Review Manual 2012 p. iii) ISACA has reformatted the CISM changing it from five domains to four domains. They have combined the Information Security Program Development and Information Security Program Management domains into one domain entitled […]


InfoSec Institute has an excellent instructor and this is the best IT security class I have ever taken. His knowledge and method of teaching are unsurpassed.