How to Ace the CISM Exam in 2023
By Alex • Updated Jan 15, 2023
Are you looking to become a Certified Information Security Manager? If so, you're in luck! In this blog post, we will outline the steps that you need to take in order to ace the CISM exam.
We'll provide tips on how to study for the exam and what to expect on test day. So whether you're just starting out on your studying journey or are nearing the finish line, this guide will help you get there!
Step 1: Create a study plan
The first step to preparing for the CISM exam is to create a study plan. This may seem unnecessary at first, but making a plan will ensure you pass the exam with the least amount of study time possible. It will also give you peace of mind during the entire process.
Most exam taker reports - such as these from Michael Caine and Jeremiah Walker - estimate that you can pass the CISM exam with around 50 hours of total studying time.
With that in mind, we created a study plan that you can copy and use for yourself:
Step | Required time |
1. Get to know the exam syllabus | 2 hours |
2. Understand the exam format | 1 hour |
3. Study the core concepts | 35 hours |
4. Take mock exams | 10 hours |
5. Prepare for exam day logistics | 2 hours |
Keep in mind that the number of days you need to prepare for the exam depends on how many hours you can study per day. We recommend planning for anywhere between 1 week (8 hours of studying per day) and 2 months (1 hour of studying per day) before taking the exam.
The easiest way to make sure you stay on track is to create a recurring study blocker in your calendar.
Step 2: Get to know the exam syllabus
The next step is to familiarize yourself with the exam syllabus. This will help you understand what topics you need to focus on when studying.
The core domains that are covered in the CISM exam are:
Domain | Weight |
1. Information Security Governance | 17% |
2. Information Security Risk Management | 20% |
3. Information Security Program | 33% |
4. Incident Management | 30% |
More details on the individual domains can be found on the official ISACA CISM Exam Content Outline page.
If you are a visual learner, we highly recommend creating a mind-map of the syllabus and annotating it while you’re learning the core concepts in step 4. You can check out this free mind-map to get you started:
Step 3: Understand the exam format
Early in your study journey, you should understand the exam format so that you can study accordingly.
The latest CISM exam has the following format:
Exam duration | 4 hours |
Number of questions | 150 questions |
Question format | Multiple choice |
Minimum passing score | 450 (on a scale from 200 to 800 points) |
Exam languages | Chinese Simplified, English, Japanese, Spanish |
Testing providers |
More details on the exam format can be found in the official Exam Candidate Guide.
Step 4: Study the core concepts
Once you know what topics are covered on the exam and what the format is, it's time to start studying. This is where you should spend most of your preparation time.
There are a lot of great resources available to help you learn the material:
Find an on-demand course
On-demand courses are a great way to learn the concepts covered in the exam. Many of these courses are taught by experienced instructors who can help you understand the material.
Check out our article on the 5 best CISM courses here.
Find a live class
Live classes are another option for studying the concepts. These courses are typically more expensive than on-demand courses, but they offer the benefit of live interaction with an instructor.
You can get expert-led virtual training directly from ISACA via its website.
Find a book
Books are another popular study option. We recommend searching Amazon for the top-rated book on this certification. Just make sure that they are up to date with the latest exam version.
The CISM Review Manual, 16th Edition offered by ISACA is our top pick:
Irrespective of which study options you choose, make sure you understand all of the concepts and how they apply to real-world situations.
Step 5: Practice with mock exams
After you have studied the concepts, it is time to take some practice exams.
This will help you gauge your understanding of the material and identify any areas where you need more study. Practice exams will also help you get used to the question format on the exam.
There are many different practice exams available online.
If you answer incorrectly during a practice exam, mark the question and the answer for later review.
We also recommend creating an error log where you list all of your mistakes and the correct answer.
If you notice that you are lacking in one of the core concepts, go back to the study resource you used in step 4 and make sure to fill the gaps.
It’s very important that you don’t just memorize but understand the concepts.
Step 6: Take the exam
The day of the exam can be nerve-wracking. To avoid any unpleasant surprises, make sure to prepare for exam day logistics.
First of all, you should get a good night's sleep and eat a healthy breakfast. Below are some additional tips depending on whether you are taking the exam online or in a test center.
Prepare for an online exam
- Review your program’s test policies including which IDs are accepted
- Make sure you have the right computer equipment
- Run a system test via the PSI Online Proctoring System Check
- Prepare your testing space
- Familiarize yourself with the online check-in process
You can find additional tips and explanations in the official PSI online proctoring guide.
Prepare for a test center exam
- Research the required documents
- Dress comfortably
- Bring earplugs
- Plan to arrive early
- Familiarize yourself with the check-in process
Check out the official PSI website for more tips.
Now that you know how to prepare for the CISM exam, it's time to get started! Good luck!