Study any time, from any device.

Become a Certified Information Security Manager (CISM)

The Certified Information Security Manager (CISM) certification path is designed for individuals who oversee, design or assess an enterprise's information security. You'll learn about information security governance, risk management, program development and incident management.

14 courses  //   59 videos  //   4 hours of training

Certified Information Security Manager (CISM) training

This learning path provides you with the knowledge and skills necessary to pass the Certified Information Security Manager (CISM) exam. As you progress through 14 courses, you’ll build your knowledge around the four primary CISM domains: information security governance, risk management, program development and incident management. Upon completion, you’ll be prepared to earn your CISM certification and validate your security management knowledge.

Learning path components

CISM Custom Practice Exam
Practice Exam

Prepare for your CISM exam and test your domain knowledge.

Number of questions: 931

Introduction to IS Governance
Course

Three videos provide an introduction to information security governance, including the use of governance and why it is important for an organization.

3 videos
11 minutes of training

IS Roles and Responsibilities
Course

Refresh your knowledge of information security roles and responsibilities with three videos on key roles and responsibilities, risk management and associated topics.

3 videos
6 minutes of training

Information Security Strategy
Course

Five videos take you through the core tenets of information security strategy, including strategy elements and metrics.

5 videos
21 minutes of training

IS Resources and Constraints
Course

Information security resources and constraints are examined in this two-video course covering personnel, organizational structure and more.

2 videos
13 minutes of training

Implementation Action Plan
Course

Two videos help you review action plan types, action plan implementation strategies and information security program objectives.

2 videos
12 minutes of training

Strategy and Implementation
Course

Take a fresh look at risk management strategy and implementation. Includes vocabulary, phases and tips for effective information risk management.

5 videos
17 minutes of training

Risk Assessment
Course

Two videos take you through risk assessment methodologies, vocabulary and examples.

2 videos
17 minutes of training

Asset Classification and Operational Considerations
Course

Review asset classification and operational considerations in five videos, covering vocabulary, diagrams, key terms and important takeaways.

5 videos
10 minutes of training

Monitoring and Communication
Course

Enhance your risk management skills with three videos on risk monitoring and communication.

3 videos
7 minutes of training

Security Program Architecture
Course

Information security program architecture is reviewed and dissected in ten videos. Controls, objectives, program elements and more provide a strong foundation for an aspiring security manager.

10 videos
22 minutes of training

Security Program Activities
Course

Explore security program activities with two videos on business case development, program development, documentation and more.

2 videos
20 minutes of training

Controls, Metrics and Monitoring
Course

Take a closer look at what tools you have with this course on controls, metrics and monitoring for security managers.

3 videos
17 minutes of training

Effective Incident Management
Course

Review effective incident management with eight videos on metrics, response procedures and more.

8 videos
26 minutes of training

IR, BC and DR Planning and Procedures
Course

The fundamentals of incident response, business continuity and disaster recovery are explored in six videos.

6 videos
28 minutes of training

What you’ll learn.

The CISM certification exam covers four primary domains:

  • Information security governance
  • Information risk management
  • Information security program development and management
  • Information security incident management

Who is this for?

To become a CISM, you need to both pass the CISM exam and submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of experience in three or more of the job practice analysis areas.

This certification path is designed for:

  • Information security managers
  • Information security and technology consultants
  • Chief information officers
  • Anyone with a desire to get certified in security management!

You're in good company

"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had." 

James Coyle

FireEye, Inc.

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer