The Basics: CISM Learning Path

The Basics: CISM learning path serves as a stepping stone to your CISM training by providing foundational knowledge of key concepts, and assessing your current levels of proficiency within the CISM learning objectives.

4 hours, 8 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    4 hours, 8 minutes

  • Assessment


About The Basics: CISM



Domain 1: Information Security Governance

Course - 01:09:00

The first module of the CISM course walks student's through Domain 1 which comprises 24% of the exam. This domain is all about Information Security Governance and has four sections related to it. The first section of the domain is titled "Designing a Strategy & Governance Framework". Section two of the domain is "Gaining Management Support/Approval" and focuses on getting upper management support for information security. The third section is "Implementing the Security Strategy" and is about putting your security plan into action.
Domain 2: Information risk management

Course - 01:21:00

The second module of the CISM exam walks students through Domain 2. This domain is the largest of all the domains in the CISM course and compromises 30% of the exam and is all about Information Risk Management. The first section of domain 2, "Risk Identification", is the about the process of identifying risks in an enterprise environment. Section 2, "Risk Analysis and Treatment", focuses on the treatement of identified risks. The final section, "Risk Monitoring and Reporting", finishes the domain by walking a student through the risk monitoring process as well as reporting requirments for risk.
Domain 3: Information security program development and management

Course - 01:06:00

The third module of the CISM exam focuses on Domain 3 of the exam and compromises 27% of the exam. The first section of domain 3 is titled "Alignment & Resource Management" and teaches a student the process of aligning resources to your security plan. The second section, "Standards, Awareness & Training" is about the standards of security as well as training your organization on the right security practices. The third section "Building Security Into Processes and Practices" is straightforward and focueses on building good security principles into an organizations policies and practices. The final section "Security Monitoring and Reporting", teaches students the security monitoring process and how reporting security incidents works.
Domain 4: Information security incident management

Course - 00:31:00

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo