Certified Information Security Manager

Certified Information Security Manager (CISM) is a certification for information security managers awarded by ISACA (formerly the Information Systems Audit and Control Association). To gain the certification, individuals must pass a written examination and have at least five years of information security experience, with a minimum of three years of information security management work experience in particular fields.

The intent of the certification is to provide a common body of knowledge for information security management. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents.

The point of view in the certification is that of widely accepted cross-industry best practices, where information security gets its justification from business needs. The implementation includes information security as an autonomous function inside wider corporate governance.

The CISM certification tends to be sought after by both the CISA and CISSP certification communities. ISACA created the CISM to help foster a better fusion between IT auditing and information security perspectives.

In principle, the CISM certification is related in nature to the Information Systems Security Management Professional certification from the International Information Systems Security Certification Consortium.

In 2005, the United States Department of Defense listed CISM, CISA and CISSP as "approved" certifications for its "Information Assurance Workforce Improvement Program".
