Certified Information Security Manager (CISM) is a certification for information security managers awarded by ISACA (formerly the Information Systems Audit and Control Association). To gain the certifications, individuals must pass a written examination and have at least five years of information security experience with a minimum three years of information security management work experience in particular fields.
The intent of the certification is to provide a common body of knowledge for information security management. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents.
The point of view in the certification is that of widely accepted cross-industry best practices, where information security gets its justification from business needs. The implementation includes information security as an autonomous function inside wider corporate governance.
The CISM certifications tends to be sought after by both CISA and CISSP certification communities. ISACA created the CISM to help foster a better fusion between IT auditing and information security perspectives.
In principle, the CISM certification is related in nature to the Information Systems Security Management Professional certification from the International Information Systems Security Certification Consortium.
In 2005, the United States Department of Defense listed CISM, CISA and CISSP as "approved" certifications for its "Information Assurance Workforce Improvement Program".
Read more about Certified Information Security Manager: Knowledge Domains
Famous quotes containing the words certified, information, security and/or manager:
“Faith means belief in something concerning which doubt is still theoretically possible; and as the test of belief is willingness to act, one may say that faith is the readiness to act in a cause the prosperous issue of which is not certified to us in advance.”
—William James (1842–1910)
“Knowledge is of two kinds. We know a subject ourselves, or we know where we can find information upon it.”
—Samuel Johnson (1709–1784)
“Learned institutions ought to be favorite objects with every free people. They throw light over the public mind which is the best security against crafty and dangerous encroachments on the public liberty.”
—James Madison (1751–1836)
“I knew a gentleman who was so good a manager of his time that he would not even lose that small portion of it which the calls of nature obliged him to pass in the necessary-house, but gradually went through all the Latin poets in those moments. He bought, for example, a common edition of Horace, of which he tore off gradually a couple of pages, read them first, and then sent them down as a sacrifice to Cloacina: this was so much time fairly gained.”
—Philip Dormer Stanhope, 4th Earl Chesterfield (1694–1773)