CISM - Certified Information Security Manager

The CISM (Certified Information Security Manager) is specifically designed for professionals who have moved—or are looking to move—beyond the technical implementation of security into the management and governance of an enterprise's information security program.

CISM Exam Domains

• Domain 1: Information Security Governance (17%)
Focuses on aligning the security strategy with business goals and establishing the frameworks, roles, and responsibilities needed to oversee security.

• Domain 2: Information Security Risk Management (20%)
Involves identifying, assessing, and prioritizing risks. This domain focuses on selecting appropriate "treatments" (avoid, transfer, mitigate, or accept) based on organizational risk appetite.

• Domain 3: Information Security Program Development and Management (33%)
The largest portion of the exam. It covers building and managing the actual security program, including resource management, budgeting, and control implementation.

• Domain 4: Information Security Incident Management (30%)
Focuses on readiness and response. This includes developing incident response plans, conducting post-incident reviews, and ensuring business continuity during a disruption.