Group adds security management certification

The Certified Information Security Manager (CISM) qualification is the latest designation to be launched worldwide by the...

The Certified Information Security Manager (CISM) qualification is the latest designation to be launched worldwide by the Information Systems Audit and Control Association (ISACA), a non-profit US organisation which focuses on IT control and governance issues.

CISM is aimed at experienced information systems managers with security management responsibilities and aims to address the increased specialisation of professionals in security management.

To gain the certification, applicants need to sit a four-hour exam, the first of which will be administered in Australia.

The CISM exam will consist of 200 multiple-choice questions, each corresponding to ISACA's five main "job practice areas" including, security governance, risk management, response management, information security programme management and information security management.

Those interested in sitting the exam will need to have a minimum of five years' work experience with information security, as well as a minimum of three years of information security management experience involving three of the five specified job practice areas.

Certified professionals must then adhere to ISACA's conditions for maintaining their qualification. These conditions include completing at least 20 additional hours of professional education training annually, as well as attaining 120 hours of professional education within the first three years of undertaking the exam.

The cost of the exam will be $345 (£216) for ISACA members, and $465 (£291) for non-members. A maintenance fee of $35 to $40 will also apply to retain the certification each year.

To help applicants prepare for the exam, the ISACA publishes a CISM review manual, available from the ISACA and its partner organisations. A list of these partner organisations is posted on the ISACA website.

ISACA also offers a Certified Information Systems Auditor (CISA) qualification, which recognises educational achievement in information systems auditing, development control and security. Since the CISA qualification was established in 1978, 26,000 professionals have gained accreditation worldwide.

More information on the CISM and CISA qualifications is available on the ISACA website:

Read more on IT jobs and recruitment