CISM Certification Details
Pasitikėjimas informacinėmis sistemomis ir jų nauda
ISACA Lietuvos skyriaus narė
What is a CISM?
• Demonstrate your information
security management expertise.
The uniquely management-
focused CISM certification
promotes international security
practices and recognizes the
individual who manages designs,
and oversees and assesses an
enterprise’s information security.
What is a CISM?
• Demonstrates your understanding of the relationship between an
information security program and broader business goals and objectives
• Distinguishes you as having not only information security expertise, but
also knowledge and experience in the development and management of
an information security program
• Puts you in an elite peer network
• Is considered essential to ongoing education, career progression and value
delivery to enterprises.
Why Become a CISM?
Enhanced Knowledge and Skills
• To demonstrate your willingness to improve your technical
knowledge and skills
• To demonstrate to management your commitment toward
• To obtain credentials that employers seek
• To enhance your professional image
• To be included with other professionals who have gained
CISM in the Workplace
• Almost 700 are employed in organizations as the CEO, CFO or equivalent
• More than 200 serve as chief audit executives, audit partners or audit
• Over 2,000 serve as CIOs, CISOs, or chief compliance, risk or privacy
• More than 7,100 are employed as security directors, managers or
consultants and related staff.
• Over 3,000 are employed as IT directors, managers, consultants and
• Nearly 2,300 serve as audit directors, managers or consultants and related
• More than 2,400 are employed in managerial, consulting or related
positions in IT operations or compliance.
What makes CISM unique?
• Designed exclusively for information security managers
• Criteria and exam developed from job practice analysis
validated by information security managers
• Experience requirement includes information security
CISM Target Market
What is the CISM Target Market?
• Individuals who design, implement and manage an
enterprise’s information security program
– Security managers
– Security directors
– Security officers
– Security consultants
CISM Job Practice
(Effective June 2012)
1. Information Security Governance (24%) - Establish and maintain an information
security governance framework and supporting processes to ensure that the
information security strategy is aligned with organizational goals and objectives,
information risk is managed appropriately and program resources are managed
2. Information Risk Management and Compliance (33%) - Manage information risk to an
acceptable level to meet the business and compliance requirements of the
3. Information Security Program Development and Management (25%) – Establish and
manage the information security program in alignment with the information security
4. Information Security Incident Management (18%) – Plan, establish and manage the
capability to detect, investigate, respond to and recover from information security
incidents to minimize business impact.
For more details visit www.isaca.org/cismjobpractice
How to Prepare for
How to Develop a
CISM Study Plan
A proper study plan consists of several steps:
Determination of the type of study program
Having an adequate amount of time to prepare
Become involved in your local chapter and explore
networking opportunities and study groups.
How to Study for
• Read the Candidate’s Guide thoroughly
• Study the review Manual
• Work through the Review Questions, Answers &
Explanations Manual, Supplement and CD
• Participate in an ISACA Chapter Review Course
• Read literature in areas where you need to strengthen
• Join or organize study groups
Ačiū už dėmesį!
Daugiau informacijos apie organizuojamus ISACA sertifikacijų mokymus rasite
Susisiekite telefonu 8 5 2780502 arba el.paštu [email protected]