Course essentials
Boot camp at a glance
- Method: Online, in-person, team onsite
- Duration: 5 days
- Experience: 5 years+
- Average salary: $129,000
- Meets 8570.1: DoD Information Assurance requirements
What you'll learn
Training overview

At our CISM Boot Camp, we explore and develop your essential skills and knowledge in the following domains:
- Domain 1: Information security governance
- Domain 2: Information security risk management
- Domain 3: Information security program
- Domain 4: Incident management
By the end of our CISM Boot Camp, you will have the knowledge, skills and confidence to excel in information security management and pass the CISM exam with flying colors.
ISACA Accredited Training Organization (ATO)
Infosec is one of a select number of ISACA accredited Elite+ Partners in the world. When you enroll in an Infosec CISM Boot Camp, you can rest assured you are receiving the most effective and up-to-date certification prep available, including official ISACA training materials and instruction that has been independently assessed to meet ISACA’s quality standards.

Award-winning training you can trust
What's included
Everything you need to know

- 90-day extended access to Boot Camp components, including class recordings
- 12-Month subscription to the ISACA Official Question, Answer & Explanation (QAE) database
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Knowledge Transfer Guarantee
- Pre-study learning path
- Unlimited practice exam attempts
Before your boot camp
Prerequisites
To become a CISM, you must submit verified evidence of:
- A minimum of five years of information security work experience
- A minimum of three years of information security management work experience in three or more of the job practice analysis areas
The work experience must be gained within the ten-year period preceding the application date for certification or within five years from the date of originally passing the exam.
Syllabus
Training schedule
Preparation (before the boot camp starts)
CISM prep course
Day 1
Information security governance
- Information security concepts
- Relationship between information security and business operations
- Techniques used to secure senior management commitment and support of information security management
- Methods of integrating information security governance into the overall enterprise governance framework
Information security governance continued
- Understand the importance of information security governance and its integration into enterprise governance
- Learn techniques to secure senior management commitment and support for information security management
- Gain insights into the development of an information security steering group and its role in driving effective security governance
- Explore legal and regulatory issues associated with internet businesses, global transmissions, and transborder data flows
- Learn about common insurance policies and imposed conditions related to information security
Optional group & individual study
Schedule may vary from class to class
Day 2
Risk management
- Information resources used in support of business processes
- Information resource valuation methodologies
- Information classification
- The principles of development of baselines and their relationship to risk-based assessments of control requirements
Risk management continued
- Master the principles and practices of life-cycle-based risk management
- Identify threats, vulnerabilities, and exposures associated with information resources’ confidentiality, integrity, and availability
- Learn quantitative and qualitative methods for determining the sensitivity and criticality of information resources
- Understand risk mitigation strategies and cost-benefit analysis techniques to manage risks effectively
- Gain insights into managing and reporting the status of identified risks in the organization
Optional group & individual study
Day 3
Information security program development and management
- Methods to develop an implementation plan that meets security requirements identified in risk analyses
- Project management methods and techniques
- The components of an information security governance framework for integrating security principles, practices, management and awareness into all aspects and all levels of the enterprise
Information security program development and management continued
- Learn methodologies for developing and implementing information security policies, procedures and guidelines
- Understand information security architectures and technologies to ensure the secure design and management of business applications and infrastructure
- Explore acquisition management methods and techniques for evaluating vendor service level agreements and preparing contracts
- Gain knowledge of security metrics design, development and implementation for measuring and improving security effectiveness
- Learn about information security management, due diligence activities, infrastructure reviews and compliance with standards
Optional group & individual study
Day 4
Information security program development and management continued
- How to interpret information security policies into operational use
- Information security administration process and procedures
- Methods for managing the implementation of the enterprise’s information security program through third parties, including trading partners and security services providers
- Continuous monitoring of security activities in the enterprise’s infrastructure and business applications
Information security program development and management continued
Optional group & individual study
Day 5
Information security incident management
- Components of an incident response capability
- Information security emergency management practices (e.g., production change control activities, development of computer emergency response team)
- Disaster recovery planning and business recovery processes
- Disaster recovery testing for infrastructure and critical business applications
Information security incident management continued
- Develop a comprehensive understanding of the components of an incident response capability
- Learn best practices for information security, emergency management and disaster recovery planning
- Explore intrusion detection policies and processes and help desk procedures for identifying and managing security incidents
- Understand the requirements for collecting and presenting evidence in the context of information security incidents
- Gain insights into post-incident reviews and follow-up procedures for continuous improvement
Guaranteed results
Our boot camp guarantees

Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

FAQ
Frequently asked questions
What's the job outlook for CISM professionals?
The demand for skilled information security professionals is rapidly increasing as organizations recognize the importance of robust security measures. According to the Bureau of Labor Statistics, employment of information systems managers is projected to grow 16% from 2021 to 2031. CISM-certified individuals are well-positioned to capitalize on these opportunities and pursue rewarding careers in information security.
What is the average CISM salary?
CISM-certified professionals earn a wide range of competitive salaries due to their specialized expertise, with an average of $129,000. Visit our salary information page to access the latest data on CISM salaries and gain insights into this field’s earning potential.
How does the CISM examination process work?
The CISM exam consists of multiple-choice questions that assess your knowledge and application of information security management concepts. It is administered by ISACA and follows a rigorous evaluation process to ensure the integrity and validity of the certification. Read our CISM exam details article for more information.
What are some tips for preparing for the CISM?
Being well-prepared and rested is critical to success in the CISM exam. Here are a few tips to enhance your study approach:
- Create a study schedule and allocate dedicated time for each domain.
- Utilize resources such as study guides, practice exams and online forums.
- Engage in practical exercises and real-world scenarios to strengthen your problem-solving skills.
- Join study groups or seek guidance from experienced professionals to gain additional insights.
- Stay focused, practice time management and review all domains comprehensively.
- Get plenty of sleep. You won’t perform your best if you stay up all night cramming for the CISM exam, so be sure you are well-rested the night before.
Meets 8570.1 requirements
Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security.
You're in good company
I really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam but will help in all exams I take in the future.
Michelle Jemmott, Pentagon
Our instructor had a vast background and related the materials to real life. Much better than just teaching the materials to pass an exam... but he did that as well. He went out of his way in class. The extra materials really benefited us when we returned to our real jobs! Great experience!
John Peck, EPA
Very impressed with Infosec. My instructor did a great job delivering the information strategically and in a way for all to understand. I would definitely take another class/certification prep course.
Sylvia Swinson, Texeltek
Explore our top boot camps
More learning opportunities
Most popular (Boot camp)
CompTIA Security+ Training Boot Camp
Infosec’s CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You’ll learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.

#1 FOR BEGINNERS (Boot camp)
Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification
Infosec’s authorized CCNA Dual Certification Boot Camp helps you build your knowledge of networking and provides hands-on experience installing, configuring and operating network devices — all while preparing you to earn two Cisco certifications.

Most requested (Boot camp)
(ISC)² CISSP® Certification Training and Boot Camp
Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec’s CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.