Ultimate Guide to the CISM Certification in 2023

By Alex • Updated Jan 15, 2023

Overview | Exam Guide | Courses

What is the CISM certification?

The Certified Information Security Manager (CISM) certification is an IT security certification offered by ISACA that validates your “expertise in information security governance, program development and management, incident management, and risk management” (source).

Which jobs can you get with a CISM certification?

According to Credly, there are 3,158 job openings related to the Certified Information Security Manager (CISM) certification in the US alone. The 5 job titles with the most openings are:

1. BISO Manager: 114 job postings
2. Senior Information Security Architect: 108 job postings
3. Associate Director Cloud Security: 79 job postings
4. Risk Management Manager: 70 job postings
5. NIS Manager: 67 job postings

Which salary can you expect with a CISM certification?

In 2022, the average salary for a Certified Information Security Manager in the United States is $131,209 per year (source: ZipRecruiter).

The majority of salaries currently range between $100,000 (25th percentile) to $150,000 (75th percentile).

What are CISM requirements?

In order to become CISM Certified professionals need to fulfill the following requirements:

1. Pass the CISM Exam within the last 5 years
2. Have the relevant full-time work experience in the CISM exam content outline (details on possible substitutions and waivers can be found here)
3. Submit the CISM Certification Application including the application processing fee

How much does the CISM certification cost?

ISACA members pay $575 for the exam registration, while non-members pay $760. This does not include potential costs for study materials such as online courses and practice exams.

How can you maintain your certification?

The CISM certification is valid for 3 years. To maintain your certification you need to fulfill the following requirements:

• Earn and report a minimum of 120 CPE hours every 3-year reporting cycle and at least 20 hours annually
• Pay the CISA annual maintenance fee ($45 for members, $85 for non-members)

FAQs

Who is the CISM certification for?

The Certified Information Security Manager (CISM) certification is for professionals who manage, design, and oversee an organization's information security.

Is the CISM certification worth it?

Yes, the CISM certification can demonstrate a level of expertise in information security management and can potentially lead to career advancement and higher earning potential.

It can also serve as a valuable asset for organizations looking to hire or promote information security professionals.

How can you get the CISM certification?

To obtain the CISM certification, individuals must meet certain eligibility requirements and pass the CISM exam.

This includes having a minimum of five years of experience in information security management, agreeing to adhere to the ISACA Code of Professional Ethics, and passing the CISM exam.

What are the benefits of obtaining the CISM certification?

Benefits of obtaining the CISM certification include: demonstrating expertise in information security management, potential career advancement, increased earning potential, and increased credibility and recognition in the field.

How difficult is it to obtain the CISM certification?

The difficulty of obtaining the CISM certification can vary depending on an individual's experience and knowledge in the field of information security management.

It is recommended to prepare thoroughly for the exam by studying and utilizing resources such as ISACA's study materials.

How long does it take to get the CISM certification?

The time it takes to get the CISM certification can vary depending on an individual's preparation and study time. It is recommended to allow sufficient time to study and prepare for the exam before scheduling it.

What are the best CISM certification alternatives?

Alternative certifications in the field of information security management include the Certified Information Systems Security Professional (CISSP) and the Certified in the Governance of Enterprise IT (CGEIT).

It is recommended to research and compare different certifications to determine which best aligns with an individual's career goals and experience.

Conclusion

In summary, the CISM certification is a highly respected and in-demand certification in the field of information security management.

It can lead to career advancement and increased earning potential, with an average salary of $131,209 per year. The certification process includes passing the CISM exam, fulfilling work experience requirements, and paying a certification fee.