Complete Guide to CISMÐ® Certification describes the tasks performed by information security managers and offers the necessary knowledge to manage, design, and oversee an information security program. The author explains each task and related knowledge statement, as well as applicable information security management principles, practices, and strategies. The book also covers the areas of information security governance, risk management, information security program management, information security management, and response management. With definitions and practical examples, this text is ideal for information security managers, IT auditors, and network and system administrators.
The Certified Information Security Manager® (CISM®) certification program was developed by the Information Systems Audit and Controls
Association (ISACA®). It has been designed specifically for experienced information security managers and those who have information security management responsibilities. The CISM® certification is for the person who manages, designs, oversees, or assesses an organization’s information security program. The CISM® certification references international practices such as ISO guidelines, NIST guidelines, and others.
Certification has provided a positive effect on many careers as well as providing many benefits for employers. The Certified Information Security Manager is designed to provide executive management with assurance that those earning the designation have the required knowledge and ability to provide effective security management and consulting. The certification process examines the qualifications for the candidate in five functional areas (security governance, risk management, information security program management, information security management, and response management).