Overview
This official ISACA Certified Information Security Manager (CISM) self-study e-learning course is designed to develop expertise in information security governance, risk management, program development, and incident management. Recognised globally, CISM certification demonstrates a deep understanding of security operations, compliance, and enterprise-wide security strategy.
Learners must book onto the QA ISACA CISM Exam Prep event to receive access to the e-learning materials. Within 48 hours of booking, they will receive 12 months of digital courseware, study resources, and an official ISACA CISM exam voucher. Attendance at the instructor-led event is not mandatory, but booking is required. Learners have the flexibility to reschedule their prep event if needed.
These monthly sessions, hosted by an ISACA-authorised instructor, provide guidance on study techniques, navigation of ISACA’s learning platform, and exam preparation strategies.
CISM is a DoD 8570 Baseline Certification and meets DoD 8140/8570 training requirements, making it highly valuable for professionals in cybersecurity and risk management roles.
Prerequisites
There are no formal prerequisites for taking this course. However, to obtain CISM certification, learners must:
- Pass the CISM examination
- Submit a certification application and pay a $50 ISACA application fee
- Adhere to ISACA’s Code of Professional Ethics
- Commit to Continuing Professional Education (CPE) requirements
- Comply with ISACA’s Information Security Standards
The CISM exam is open to anyone interested in information security, but certification requires at least five years of professional experience in information systems security, auditing, or risk management.
Target audience
This course is ideal for professionals looking to advance their careers in information security, governance, and risk management. Suitable roles include:
- Information security managers
- IT security professionals
- Security consultants and auditors
- Cybersecurity officers and risk managers
- Compliance and governance professionals
Delegates will learn how to
By completing this course, learners will be able to:
- Understand the principles of information security governance and compliance
- Implement risk management frameworks and security controls
- Develop and manage enterprise security programs
- Establish effective incident management and response strategies
- Align security programs with organisational goals and business objectives
Outline
Introduction to Certified Information Security Manager (CISM)
- Course objectives and expectations
- Understanding information security fundamentals
- Goals and principles of information security
Domain 1: Information security governance (17%)
- Introduction to information security governance
- Developing an effective security governance framework
- Managing third-party security relationships
- Defining security strategy, metrics, and compliance requirements
- Aligning security governance with business objectives
Domain 2: Information risk management and compliance (20%)
- Risk management principles and frameworks
- Conducting risk assessments and impact analysis
- Asset classification and valuation
- Security control baselines and compliance requirements
- Implementing risk monitoring and mitigation strategies
- Security awareness training and documentation
Domain 3: Information security program development and management (33%)
- Developing a comprehensive security program
- Establishing security program objectives and frameworks
- Integrating security controls and enterprise architecture
- Managing security operations and compliance
- Measuring security performance and operational effectiveness
- Addressing common security program challenges
Domain 4: Information security incident management (30%)
- Incident response planning and execution
- Defining incident management procedures and objectives
- Business continuity and disaster recovery planning
- Investigating and reporting security incidents
- Legal and regulatory considerations
- Adhering to the ISACA Code of Professional Ethics
Exams and assessments
This course includes an online ISACA CISM exam voucher. Learners will complete the exam independently and must meet ISACA’s certification requirements for official accreditation.

Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end of the course, either as a hard copy or via email. Read more here.