Certified Information Security Manager
The Certified Information Security Manager certification is for experienced information security managers and those individuals with responsibilities in information security management. The certification covers the management, design, oversight, and assessment of an enterprise’s information security program using internationally accepted practices.
The CISM is accredited by the American National Standards Institute (ANSI) under ISO/IEC 17024:2003.
The exam covers the following disciplines and percentage scope:
• Information Security Governance 23%
• Information Risk Management 22%
• Information Security Program Development 17%
• Information Security Program Management 24%
• Incident Management and Response 14%