The Certified Information Security Manager (CISM)
qualification is the latest designation to be launched worldwide by
the Information Systems Audit and Control Association (ISACA), a
non-profit US organisation which focuses on IT control and
governance issues.
CISM is aimed at experienced information systems managers with
security management responsibilities and aims to address the
increased specialisation of professionals in security
management.
To gain the certification, applicants need to sit a four-hour
exam, the first of which will be administered in Australia.
The CISM exam will consist of 200 multiple-choice questions,
each corresponding to ISACA's five main "job practice areas"
including, security governance, risk management, response
management, information security programme management and
information security management.
Those interested in sitting the exam will need to have a minimum
of five years' work experience with information security, as well
as a minimum of three years of information security management
experience involving three of the five specified job practice
areas.
Certified professionals must then adhere to ISACA's conditions
for maintaining their qualification. These conditions include
completing at least 20 additional hours of professional education
training annually, as well as attaining 120 hours of professional
education within the first three years of undertaking the exam.
The cost of the exam will be $345 (£216) for ISACA members, and
$465 (£291) for non-members. A maintenance fee of $35 to $40 will
also apply to retain the certification each year.
To help applicants prepare for the exam, the ISACA publishes a
CISM review manual, available from the ISACA and its partner
organisations. A list of these partner organisations is posted on
the ISACA website.
ISACA also offers a Certified Information Systems Auditor (CISA)
qualification, which recognises educational achievement in
information systems auditing, development control and security.
Since the CISA qualification was established in 1978, 26,000
professionals have gained accreditation worldwide.
More information on the CISM and CISA qualifications is
available on the ISACA website:
www.isaca.org/cism.htm