Contact: news@isaca.

org
Kristen Kessinger, +1.847.660.5512
Joanne Duffer, +1.847.660.5564
Certified Information Security Manager (CISM) Fact Sheet
http://www.isaca.org/cism
Sought after by experienced information security managers, the CISM certification is a
groundbreaking credential earned by more than 28,000 professionals since it was
established in 2002. The management-focused CISM is the globally accepted
achievement for individuals who develop, build and manage enterprise information
security programs. CISM retention is more than 95 percent.
CISM Certification Requirements
To earn the CISM certification, candidates are required to:
Pass the CISM examination (offered worldwide every June, September and
December, in 4 languages and at more than 250 locations)
Submit proof of five years of work experience in the field of information security,
with at least three years in the role of information security manager
Adhere to ISACAs Code of Professional Ethics
Agree to comply with the CISM Continuing Education Policy
CISM in the Workplace
More than 8,600 are security directors, managers, consultants and related staff.
More than 3,500 are IT directors, managers, consultants and related staff.
More than 3,200 are employed in managerial, consulting or related positions in IT
operations or compliance.
More than 2,500 serve as audit directors, managers, consultants and related
staff.
More than 2,500 serve as CIOs, CISOs, or chief compliance, risk or privacy officers.
More than 700 are CEOs, CFOs or equivalent executives.
More than 200 serve as chief audit executives, audit partners or audit heads.
CISM Recognition
CISM is among the highest-paying IT certifications in Foote Partners IT Skills and
Certification Pay Index (ITSCPI) for the quarter ending 1 April 2015.
CISM is the highest-paying certification for 2015 in Certification Magazines

Jobs and Salary Annual Salary Survey.

CISM is the second-highest-paying certification for the second consecutive year,

according to Global Knowledges 2015 IT Skills and Salary Survey.
CISM is among the qualifications looked for when recruiting staff, according to
the UK Governments 2014 Cyber Security Skills Report.
CISM is listed as a prerequisite for the Australian Government iRAP certification.

CISM is accredited by the American National Standards Institute (ANSI) under

the International Standard ANSI/ISO/IEC 17024.
SC Magazine selected CISM as a finalist of the 2014 Best Professional
Certification Program in the Professional Awards category for the fourth year in
a row.
The Australian Signals Directorate listed CISM as a prerequisite for its
Information Security Registered Assessor Program.
Devry encourages earning the CISM (the only certification listed) on its
infographic, A Path to a Secure FutureYour Cyber Security Career Roadmap.
Global Knowledge listed CISM as the CyberSecurity certification for 2013 in
Eight Emerging IT Certifications For 2013.

CISM in the News

A Dice.com article titled Cyberattacks Focus Employers on Security

Certifications states that CISM tells employers that you have the
formalized training and experience to understand the vulnerabilities out
there today.

Certification Magazine ~ Seven security certifications to set your sights on

notes that earning the CISM credential can be a great way to pave the path from
security technologist to security manager.
CSO ~ Hot security skills of 2013 notes that technical certifications like CISM
are helpful for CSOs in the workplace.
The Heritage Foundation ~ A Congressional Guide: Seven Steps to U.S.
Security, Prosperity, and Freedom in Cyberspace, encourages an increase in
the number of IT professionals with security certifications such as CISM.
CIO Magazine ~ In 23 IT Certifications That Mean Higher Pay, ISACAs CISM
certification is listed, based on data from Foote Partners LLCs latest IT Skills and
Certifications Pay Index.