Cy Certified Information Security Manager (CISM)

Course Code: CISM4SEC



4 Day(s)

Course Type

Public or Private

Max Delegates


Delivery Style


Learn the key skills and areas for a Certified Information Security Manager and prepare for the exam component of this sought-after qualification.

This course is intended to prepare delegates for the Certified Information Security Manager exam and exposes them to the job practices associated with this challenging role. It covers the key areas prescribed by the syllabus for the exam and discusses the concepts and process that someone performing this job would be expected to understand.

Book Your Course

Start Date









WR1 - Worcester, WR1 3EE



Course confirmed - Guaranteed to run
Course Full/Limited availability
Price shown excluding VAT.

Book a Private Event

If you require the content of this event tailored or have around 7 or more people to train it maybe better for you to host a Private Event, please get in touch to discuss this.

Get in touch


Who is this course for

Delegates wishing to enhance their understanding of information security and work towards the Certified Information Security Manager qualification.

Purpose of the course

To give delegates a greater insight into the job practices and activities associated with the role of the Certified Information Security Manager and to prepare them for the associated exam.

You will learn how to

Understand and use the four job practices:

  • Governance setting

  • Risk management

  • Information security program management

  • Information security incident management


Possessing and understanding of the core concepts and practices associated with Information Security is essential as this is not a beginners course in Information Security. Attending an introductory course such as Quanta's Cyber Matters, the CompTIA Security+, RESILIA Foundation or equivalents is strongly advised for those new to the sector prior to attending this course.

Benefits for you as an individual

Better understanding of the role and activities related to information security management and preparation for the associated exam

Benefits for your organisation

Staff that better understand the importance of information security in the business context. A greater alignment of information security and business objectives and staff that are better equipped to prepare for and manage the range of security challenges that organisations face.

Introducing the Certified Information Security Manager

  • Role of the Certified Information Security Manager.
  • Purpose of the job practices.

Information Security Governance

  • Understand the following regarding governance:
    • Purpose of information security governance.
    • Understand its make up and how to achieve it.
    • Purpose of the information security strategy.
    • Understand the objectives, content and creation of the strategy.
    • Understand the meaning, content and creation of policies, standards, procedures and guidelines.
    • Development of business cases and gaining commitment from senior management for the information security program.
    • Define governance metrics requirements, selection of them and their creation.

Information Security Risk Management

  • Understand the following regarding governance:
    • Recognise the importance of risk management in meeting business needs.
    • Supporting the development of an information security program to align with business needs.
    • Understand methods of identifying, prioritising and responding appropriately to risk.
    • Evaluate and assess information security controls and assure fitness for purpose.
    • Report effectively on the status of risks within the organisation.

Managing Information Security Incidents

  • Understand the following regarding the management of security incidents:
    • The lifecycle of information incident management: Identifying, analysing, managing and responding to unexpected negative information security events.
    • Identify the components of an incident response plan.
    • Evaluate the effectiveness of an incident response plan.
    • Recognise the relationship between incident response, disaster recovery and business continuity planning.

Additional Exam Information

The cost of the exam is not included and any exam needs to be booked independently by the delegate using the ISACA website.

Exam Length: 240 minutes
No. of Questions: 150
Pass is 450 from between 200 and 800 and is not a strict average or percentage.

Other requirements such as registering for the qualification, signing the code of ethics and meeting the ISACA requirements for the designation of CISM are also required over and above passing this exam.


Familiarisation with the syllabus and the broader requirements is essential. Please see course prerequisites for more information regarding learning and courses that may be beneficial.

Get Started

Forget trawling through endless course catalogues – Find the training that’s right for you

Learn More

Latest from our blog

Kanban and Agile: Bridging the Gap

Kanban and Agile: Bridging the Gap Quanta’s Kanban University Certified Trainer Steve Church explores the way in which Agile and…
Read More

How a Ballerina could move into Cybersecurity

Jason Ford, Quanta Cybersecurity and IT Trainer talks about the limitations in Cybersecurity Training courses. Jason discusses a safe and…
Read More

Boost Team Performance and Productivity: Unlocking the Advantages of Emotionally Intelligent Leadership

Quanta People Development and Leadership Trainer, Giles Collins outlines the key elements of Emotionally Intelligent Leadership and how it impacts…
Read More