Special Notices

QA is proud to be an official ISACA partner.

ISACA partner

To help with your studies, you will receive the following when booking this course with QA:

  • ISACA CISM Review 15th Edition Manual
  • ISACA CISM Exam Prep Tool
  • ISACA CISM Exam Voucher

ISACA digital eBook

ISACA eBooks can be read on your laptop, iPad, iPhone, Android devices, and any other devices that support Adobe® Digital Editions. If you will be accessing your eBook on a computer, use Adobe Digital Editions. If you will be accessing your eBook on a portable device, such as an iPad or a mobile phone, use Bluefire Reader. You must have an Adobe ID to utilise either reader. If you do not already have an Adobe ID, you can establish one during either download process. Download ISACA approved free eBook reader Adobe Digital Editions and / or Bluefire Reader. If you are unable to use these digital readers, please advise QA and you will be sent a hard copy book.


This Official ISACA Certified Information Security Manager (CISM) training course focuses on the construction, development, and governance of information security operations. Possession of this certification displays precise knowledge, practice, and copious amounts of experience in the realm of information security management. This CISM training course takes into account practical issues, like the creation of information security programs, and incident management, whilst promoting security practices used globally. CISM teaches delegates how to tailor ever-changing technology to their enterprises. This enables the enterprises to emerge as a valuable organisation and may expand their clientele due to their implementation of CISM certified individuals.

The demand for skilled information security management professionals is increasing, hence this ISACA CISM certification fulfils business needs. CISM has been accepted as the universal standard to strive towards within the sphere of information security, thus depicting the qualification as a prominent representation of expertise and commitment. This causes CISM holders to be identified as the most certified professionals in the information security realm and means delegates can recognise the link between information security programs and the larger goals of the organisation.

The four domains are as follows:

  1. Information Security Governance
  2. Information Risk Management and Compliance
  3. Information Security Program Development and Management
  4. Information Security Incident Management

Target Audience

CISM certification is a globally recognised professional requirement in the IT Security domain. This certification is best suited for:

  • Security consultants and managers
  • IT directors and managers
  • Security auditors and architects
  • Security systems engineers
  • Chief Information Security Officers (CISOs)
  • Information security managers
  • IS/IT consultants
  • Chief Compliance/Privacy/Risk Officers

The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.

This course includes the official ISACA CISM Exam and the official ISACA Exam Prep Tool.


There are no prerequisites to learn CISM from this tutorial. However, to get the CISM certification you need to:

  • Pass the CISM examination
  • Submit an application for CISM certification
  • Adhere to the Code of Professional Ethics
  • Dedicate to the Continuing Professional Education Program
  • Compliance with the Information Security Standards

The examination is open to all individuals who have an interest in information security. A minimum of 5 years of professional information systems auditing, control or security work experience is required for the CISM certification.

Learning Outcomes

This CISM course will give you the requisite skillsets to design, deploy and manage security architecture for your organisation. The course is aligned with ISACA best practices and is designed to help you pass the CISM exam on your first attempt. Enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification, and it is considered essential to ongoing education and career development. This course will see that you are well-equipped to manage the ongoing security, compliance and governance of your IT organisation.

Course Outline

This CISM training course covers the following areas:

  • Introduction to Certified Information Security Manager (CISM)
  • Objectives and Expectations
  • What is Information Security?
  • The Goals of Information Security
  • Principles for Information Security Professionals

Domain 1 – Information Security Governance

  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance

  • Information Risk Management
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management

  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges

Domain 4 – Information Security Incident Management

  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organisation
  • Ethics and the Internet IAB
  • Certified Information Security Manager
Online exam voucher

Cyber Security Learning Paths

Want to boost your career in Cyber Security? Click on the roles below to see QA‘s learning pathways, specially designed to give you the skills to succeed.

= Required
= Certification
Cyber Management
Cyber Tech
Security Auditor
Intrusion Analyst
CompTIA Security Includes Security+, CySA+ and CASP
Industrial Control Systems & Operational Technology Technical
Industrial Control Systems & Operational Technology Management
Cyber Management Average salary: £80,000*

Total individual course price: £6,090 ex VAT

Bundle price: £5,175 ex VAT

Saving: £915

12 days

Buy bundle View bundle
Cyber Tech Average salary: £72,000*

Total individual course price: £7,555 ex VAT

Bundle price: £6,425 ex VAT

Saving: £1,130

14 days

Buy bundle View bundle
Privacy Average salary: £55,000*

Total individual course price: £6,630 ex VAT

Bundle price: £5,635 ex VAT

Saving: £995

11 days

Buy bundle View bundle
AppSec Average salary: £67,250*

Total individual course price: £6,855 ex VAT

Bundle price: £5,825 ex VAT

Saving: £1,030

7 days

Buy bundle View bundle
Security Auditor Average salary: £65,000*

Total individual course price: £6,560 ex VAT

Bundle price: £5,575 ex VAT

Saving: £985

13 days

Buy bundle View bundle
Intrusion Analyst Average salary: £65,000*

Total individual course price: £7,445 ex VAT

Bundle price: £6,330 ex VAT

Saving: £1,115

11 days

Buy bundle View bundle
CompTIA Security Average salary: £57,000*

Total individual course price: £7,260 ex VAT

Bundle price: £6,170 ex VAT

Saving: £1,090

14 days

Buy bundle View bundle
Key for bundle contents
= Exam Preparation
= Exam
= Practice Exam
= Exam Voucher
= Tutor Support
= Pre Course Work
*This is based on QA research