ISACA · CISM

CISM

CISM focuses on information security management — ideal for those managing enterprise information security programs. The four domains span governance, risk, program development, and incident management. Pairs naturally with CRISC for risk/audit professionals stepping into security leadership.

150 questions, 4 hours, computer-based Pass: 450 / 800 4 domains

Domains

4 domains

Domain 1 — Information Security Governance
120 min

17%
Domain 2 — Information Security Risk Management
140 min

20%
Domain 3 — Information Security Program
220 min

33%
Domain 4 — Incident Management
200 min

30%

Practice exams

No quizzes yet for this track.