According to ISACA, the CISM certification is changing to reflect the new CISM job practice analysis. (Source: ISACA’s CISM Review Manual 2012 p. iii) ISACA
Incident management (IM) is a necessary part of a security program. When effective, it mitigates business impact, identifies weaknesses in controls, and helps fine-tune response
CISM Chapter 5 – Incident Management and Response Incident Management and Response (IM&R) accounts for 14 percent of the CISM exam or about 28 questions.
CISM Chapter 4 – Information Security Program Management (ISPM) In Chapter 3 we talked about Information Security Program Development, in Chapter 4 we’re going to
CISM Chapter 3 – Information Security Program Development (ISPD) ISPD accounts for 17 percent of the CISM exam or about 34 questions. In 2010, ISACA
CISM Chapter 2 – Information Risk Management (IRM) IRM accounts for 22 percent of the CISM exam or about 44 questions. In 2010, ISACA reorganized
There are eight (8) task statements for ISG and twenty (20) knowledge statements. The eight task statements are covered in this post by Ken
ISACA’s 2011 CISM fits into DoD 8570.01-M as satisfying IAM Level II The exam consists of 5 domains as follows: Domain 1: Information Security Governance