CISM Resources

Jennifer Jeffers
July 6, 2019 by
Jennifer Jeffers


Becoming a Certified Information Security Manager (CISM) distinguishes you as having the knowledge and experience to handle today’s technological environment. CISMs understand the relationship between an InfoSec program and the broader business goals of their enterprise or industry. While cultivating their managerial skill, they become security experts in the process who have the ability function within an elite peer network of professionals. Through a successful completion of the CISM exam, you can implement your own continued education in the field while exploring an ongoing selection of exciting career opportunities. But what are the best ways to do this? How can you find what you need to take this important step? How will you know if you have the right resources? These are great questions—all with valuable answers—so, it is worth the time to think more carefully about how you can prepare yourself for this professional challenge and reap the benefits of success.

$150,040 average salary

$150,040 average salary

ISACA CISM is one of the industry's highest-paying cybersecurity certifications for 2023. Take your information security management career to new heights and enroll now to claim your Exam Pass Guarantee!

The Books

Because the CISM is a comprehensive review of five main areas: security governance, risk management, information security, programs, response management, it demands a thorough knowledge of many subjects. And of course, one of the best ways to glean this information is through the study of books written specifically for this purpose. Here is a list of some important ones you will want to consider.

1. Official ISACA Review Manual, 15th edition, eBook

Starting first with the most essential, this eBook is easy to access and only requires you have a personal device with internet connection and a PUB3-compatible e Reader that uses Adobe DRM with an Adobe Content Server ID. Once you have created a login and add the resource to your online library, you will be able to access the information immediately and begin using it to prepare yourself for the CISM exam.

Having just been updated in 2017, it is the most comprehensive manual available and offers some entire new strategies for absorbing and retaining CISM exam information.

  • Practice questions that will help you explore the key concepts and review and confirm your own learning.
  • Knowledge checks designed to reinforce important ideas from the review section
  • Case studies with real-world scenarios created for the practical application of learning, growing confidence, and gaining personal perspective.
  • Comprehensive index to help you navigate the review section and find sections with ease.

A great compliment to this eBook is the CISM Review Questions, Answers & Explanations, which provides sample content and a way to visualize the exam as a whole.

 2. Complete Guide to CISM Certification

Written by Thomas and Justin Peltier, this book was designed specifically for enhancing the experience of those taking the CISM exam and related responsibilities. As a result, it is not only a great book to use when preparing for the test—it is a great reference book for the future.

It defines the various positions and responsibilities within the profession and practically identifies the inherent security risks. Within this governance framework, it is able to focus on how CISMs handle tasks, manage stress, and use learned techniques to manage various scenarios. It covers steps and solutions for responding to incidents and even provides quizzes to test your responses. Included at the end is a 30-question workbook to prepare for the real CISM exam.

 3. CISM Certified Information Security Manager All-in-One-Exam Guide

Although this book will not be available until March 30, 2018, it promises to become a valuable resource anyone in the field. Authored by computer security expert and speaker, Peter H. Gregory, it offers complete coverage of every topic in the latest version of the CISM exam in the form of a study guide.

By integrating self-study and expert information, this book will help you develop confidence while learning applicable, practical information. If focuses primarily on the exam itself—which can be wonderfully reassuring to those about to meet the challenge—by carefully reviewing each section of governance, risk management, program development, and incident management. It is a thorough and complete resource with clear learning objectives at the start of each chapter and in-depth explanations at the end of each discussion. Because it pays such close attention to the current CISM exam being given, it has the ability to offer valuable insight and advice on what to look out for and how to succeed. Through this pragmatic discussion, readers develop a more intuitive sense of what lies ahead and better confidence in their test-taking skills.

4. The CISM Prep Guide: Mastering the Five Domains of Security Management

 Intended to be a thorough resource for those who must manage, design, oversee, and assess the information security area of any enterprise, this book by Ronald L. Krutz and Russell Dean Vines offer preparatory information as well as a business-oriented approach to success. It has become essential reading for those taking the CISM exam as well as out-of-work IT professionals who are looking to enrich and enhance their existing skills. The book is accompanied by a CD-ROM with archived test questions and answers.

Online Resources

1. ISACA Training and Certification Boot Camp

As the official boot camp for the CISM exam, this comprehensive online review reinforces existing knowledge and enriches relevant experience. It offers all of the necessary elements for preparation, including:

  • Official ISACA courseware
  • Official ISACA practice questions
  • Exam Prep Evening Review Sessions
  • Training Camp Education Guarantee

While this training camp can be taken in person, it is also offered through a web-based online service with competent, helpful instructors and and a uniquely management-focused approach to common practices. There is also a “CISM Exam Preparation Community” accessible through the ISACA website for additional support.

2. CISM Boot Camp by INFOSEC Institute

With a pass rate of 94 percent, this online training camp is considered one of the most effective in the industry. After completion of intense five day course, you will walk away with the knowledge, expertise, and confidence to successfully pass the CISM exam on the first try and begin your life as a professional. By reinforcing ISACA-sanctioned concepts through instructor-led training, the course addresses carefully addresses each area of the exam for concentrated study. Practice and review questions, an explanation manual, and sample exams are just some of the content you will find in the course which prepares student through a thorough testing of knowledge and the application of real-world solutions.

3. Online CISM Certification Exam Training

Regarded as one of the most thorough preparation experiences around, this online instruction will prepare you for the rigors of the CISM exam and related professional expectations. Last updated in 2017 (and twice yearly), it offers the most current content with over 600 practice questions and 590 narrated screens of information. One subscription provides full access and provides everything you need to pass the CISM with flying colors.

4. Megamind Training Institute

Taught by the industry’s top experts and practitioners, this training typically has limited space in their onsite program. However, their live, online course with virtual instructors is now available and can be accessed from anywhere in the world via the internet. Megamind provides innovative and cutting edge curriculum, paired with supportive, knowledgeable teachers, in a virtual classroom. Experts offer a wealth of information, knowledge, and practical experience, all of which provides an opportunity for genuine learning and application.

Practice Exam Resources

There are many practice exam resources available on the internet and in the market as well. Here are some of the best and brightest:

1. CISM Training at Skillset

Infosec Institute offers a free certification training exam program which you can access (with free profile) at . By selecting the CISM cert to start, you’ll have access to hundreds of high-quality exam-prep test questions, individual skill challenges, progressive exams, and training videos. Pro users get access to a simulated exam engine as well. A grading system will help you determine your exam readiness and identify trouble areas.

2. CISM Self-Assessment Exam by ISACA

Passing the CISM exam demands both a thorough knowledge and demonstration of the infosec world. As such, it is important to self-assess while preparing for the test and determining areas of strength and weakness. This practice test offered here has 50 questions covering all types of subject matter from real exam and offers you a way to predict future success. While it does not guarantee passing, it is a useful tool when trying to determine readiness and overall strength.

3. CISM Exam Prep Practice Test by Simplilearn

This free test can be accesssed here and can be retaken and studies as many times as necessary. Because the practice exam takes 240 minutes and has 200 multiple choice questions, however, it is recommended only when students feel fully prepared to do their best. The test can be paused at any time and will resume when indicated, but the overall exam time will be reduced accordingly.

Earn a $150,040 Salary with an ISACA CISM

Earn a $150,040 Salary with an ISACA CISM

The employment of information systems managers is projected to grow 16% by 2031. Get your ISACA CISM to launch into the field — backed with an Exam Pass Guarantee.

 4. CISM Certified Information Security Manager Exam by Exam-labs

Free and easily accessible here, this online practice test provides hundreds of updated and authentic CISM exam questions and answers. All content is regularly reviewed and refined by industry experts and ISACA professionals, who work hard to ensure all concept coverage is thorough and accurate. This self-assessment uses a friendly website with clear interface and no advertisements. It can also be accessed on a mobile device for studying-on-the-go and traveling students.

Jennifer Jeffers
Jennifer Jeffers

Jen Jeffers is a freelance writer who creates educational and historical content for the internet as well as InfoSec narratives for the deep web. Her work blends the creative with the factual to offer readers articles that are both entertaining and edifying. Although she has a strong aversion to mathematics, she is willing to research and learn about almost anything in the name of continuing education. Follow her blog The Raven Report, a history collection for the dark romantic at