INTRODUCTION TO CISM

1
INTRODUCTION TO CISM

• 2003 Certified Information Security Manager
  (CISM)

2
CISM Target Market

• What is the CISM Target Market?
• Individuals who manage, design and oversee an
  enterprises information security program.
• Security managers
• Security directors
• Security officers
• Security consultants

3
CISM Uniqueness

• What makes CISM Unique?
• Designed for information security managers
  exclusively
• Criteria and exam developed from job practice
  analysis validated by information security
  managers
• Experience requirement includes information
  security management

4
CISM General Requirements

• Certified Information Security Manager (CISM)
  Criteria
• Pass exam
• Submit verified evidence of a minimum of five
  years of information security work experience
• Adhere to ISACA Code of Professional Ethics
• Comply with continuing education policy

5
CISM Grandfathering Requirements

• Certified Information Security Manager (CISM)
  Grandfathering Criteria
• Submit verified evidence of a minimum of eight
  years of information security work experience
• Adhere to ISACA Code of Professional Ethics
• Comply with continuing education policy

6
Summary of CISM Areas

• Information Security Governance (21)
• Risk Management (21)
• Information Security Program(me) Management (21)
• Information Security Management (24)
• Response Management (13)

7
Exam Details
8
Types of Questions on the CISM Exam

• Each exam consists of 200 questions administered
  over a four-hour period
• Questions are designed to test practical
  knowledge and experience
• Questions are multiple choice and are designed
  for one best answer

9
Administration of the CISM Exam

• Administered on Saturday, 14 June 2003
• English only
• 4 hours
• More than 200 test sites
• Offered in every city where there is an ISACA
  chapter or a large interest in sitting for the
  exam
• Passing mark of 75 (scaled score)

10
CISM Exam Costs

• Exam Fee
• Registration deadline is 2 April 2003 ISACA
  Members (US) 345.00 Non-members (US) 465.00

11
Exam Study Plan
12
CISM Study Materials/Courses

• Candidates Guide to the CISM Examination Free to
  each paid registrant
• CISM Review Manual 2003
• (US) 75.00 ISACA Member
• (US) 100.00 Non-ISACA Member
• Chapter CISM Review Courses
• Fee differs per chapter
• One-day course at NA CACS in May (Houston)

13
How to Develop a CISM Study Plan

• A proper study plan consists of many steps
• Self-appraisal
• Determination of the type of study
  program
• Having an adequate amount of time to prepare
• Maintaining momentum
• Readiness review

14
How to Study for the CISM Exam

• Read the Candidates Guide thoroughly
• Study the CISM Review Manual
• Participate in an ISACA Chapter Review Course
• Read literature in areas where you need to
  strengthen skills
• Join or organize study groups

15
Applying for CISM Certification
16
Application for CISM Certification

• Application for CISM certification is sent to all
  who pass the exam and contains
• Requirements for maintaining certification
• Code of Professional Ethics
• Instructions for completion of form
• CISM application form
• Verification of work experience

17
Continuing Education Policy Details
18
Continuing Education Requirements

• Certification is granted annually to those CISMs
  who
• annually report a minimum of 20 hours of
  continuing professional education
• annually pay the continuing education maintenance
  fee
• comply with the ISACA Code of Professional Ethics
• report a minimum of 120 contact hours of
  continuing education for each fixed three-year
  period

19

• Chapter contact Allan Boardman
• E-mail allan_at_internetworking4u.co.uk
• Web site www.isaca-london.org
• CISM link www.isaca-london.org/cism.htm

Want to know more?