Certified Information Security Manager

From Wikipedia, the free encyclopedia

Certified Information Security Manager (CISM) is a designation awarded by the Information Systems Audit and Control Association to individuals who pass a written examination and have at least five years of information security experience, with a minimum of three years of Information Security Management work experience in particular fields.

The certification is intended to strike a balance between business focus, computing law, IT Governance and technical risk management. This process is a fusion of business imperatives with top-down control designs and bottom-up security technologies. ISACA's contribution is a bridge-building certification called the CISM.

The CISM focuses on risk management and tends to be sought after by both CISA and CISSP certification communities. ISACA deliberately created the CISM to help foster a better fusion between IT Audit and Information Security perspectives. A complete success will lead to a better fusion between human and technical controls over data systems inside a common IT Governance framework.

In principle, the CISM certification is related in nature to the Information Systems Security Management Professional certification from the Information Systems Security Certification Consortium, (ISC)².

See also