ISACA Certified Information Security Manager (CISM) (2022 Update) Learning Path

This path will introduce you to the ISACA CISM certification exam. The Certified Information Security Manager is for information security professionals and managers who want to gain the knowledge and skills to oversee, design, or assess an information security program within an organization.

18 hours, 24 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    18 hours, 24 minutes

  • Assessment


About ISACA Certified Information Security Manager (CISM) (2022 Update)

In this learning path, an instructor will lead you through the four domains of the CISM exam, covering enterprise governance, information security risk assessment, information security program development and information security incident management. The instructor will describe the concepts of each domain through videos and written study materials and walk you through review questions and activities in each section of the four domains.



ISACA CISM Practice Exam

Assessment - 75 questions

The practice exam includes 75 questions from the four domains of the CISM certification exam that model the weighting of each domain and types of questions a security manager will encounter on the ISACA CISM exam.

Domain 1: Enterprise governance

Course - 03:39:00

CISM Domain 1 covers enterprise governance. It begins with defining enterprise governance and other information security concepts and dives into such topics as how organizational culture, structures, roles and responsibilities impact governance; the roles and responsibilities of an organization's stakeholders in enterprise governance; the legal and regulatory requirements for an organization regarding information security; strategies for designing and implementing governance; and common frameworks and standards for building enterprise governance structures.

Domain 2: Information security risk assessment

Course - 03:26:00

CISM Domain 2 covers information security risk assessment and dives into such topics as the risk and threat landscape; risk identification and risk analysis; threat vulnerability and control deficiencies; risk assessment and evaluation concepts; risk response, reporting and communication; and business impact analysis.

Domain 3: Information Security Program Development and Management

Course - 05:57:00

CISM Domain 3 covers information security program development beginning with what resources are needed to develop an effective program and moving into current standards and frameworks; creating a road map; measuring effectiveness with metrics; awareness and training; effective program communications; program performance review; and more.

Domain 4: Information Security Incident Management

Course - 04:45:00

CISM Domain 4 covers topics related to information security incident management, such as creating incident management and response plans; identifying and classifying incidents; tools and techniques for incident management; incident investigation, evaluation, containment and communication; incident eradication, recovery and review; business impacts and continuity; disaster recovery planning; and training, testing and evaluation of the incident response plan.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with Affirm.