CISM FAQ

(Customised for Hyderabad for June 2010 Exam)
Thanks for showing interest in ISACA and CISM.

Here are the most frequently asked questions, which we hope will clarify most of your doubts. In case you need further details you can log on to isaca.org/cism

What is CISM?

CISM stands for Certified Information Security Manager.  It is a globally accepted certification exam conducted by ISACA twice a year – June and December. The mark of excellence for a professional certification program is the value and recognition it bestows on the individual who achieves it. 


CISM is unique in the information security credential marketplace because it is designed specifically and exclusively for individuals who have experience managing an information security program. The CISM certification measures an individual’s management experience in information security (IS) situations, not the individual’s general practitioner skills. A growing number of organizations are requiring or recommending that employees become certified. To help ensure success in the global marketplace, it is vital to select a certification program based on universally accepted information security management practices. CISM delivers such a program. Those who hold this designation join a network of professionals known for their expertise in information security management, IT governance and risk management.


What is ISACA?

With more than 86,000 constituents in more than 160 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations. 


ISACA developed and continually updates the COBIT®, Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.  


For further details visit www.isaca.org/overview.


Who can appear for the exam?

The exam is open to all; there are no eligibility requirements. Software professionals, chartered accountants, auditors, banking professionals, executives and government officials take this exam for its applicability, international recognition, career enhancement options, and for improving their organizational systems.


How to apply for CISM?

Please visit www.isaca.org/cismexam. On this page you will find links for registration as well as other information relating to the exam, and a FAQ section. You can download the Bulletin of Information for the CISM Exam from http://www.isaca.org/cismboi.


When is the next exam date?  What is the last date for registration?

The CISM exam is generally held on the second Saturday of June and December each year. The next exam is scheduled for Saturday, 12 June 2010. The last date for registration with the early bird incentive is 10 February 2010, and the final registration deadline is 7 April 2010.


What is the exam fee?

The exam fee depends on whether you pay online or offline and on when you register for the examination. Online payments receive a $50 rebate on the exam fee. In addition, you are entitled to a $50 early bird incentive if you register before August 19, 2009.


You can also explore becoming a member and registering for the exam at the same time. If you become a member online and pay the registration fee simultaneously, you pay a marginally higher amount, but in return you become entitled to all membership benefits, including the ISACA Journal, access to the online ISACA Library, a concession at the Local Chapter CISM Review Class and attendance at local chapter events. For more details of membership benefits refer to www.isaca.org/benefits.


Details of the fee payable and a comparison are given in the table below. All amounts are in US$. The "Membership fee" column is the new member processing fee, annual fee and local chapter fee combined (membership period ends Dec 31, 2010).

Particulars                                          | Membership fee | Exam fee (member) | Total cost incl. membership | Exam fee (non-member)
-----------------------------------------------------|----------------|-------------------|-----------------------------|----------------------
Online payment up to 10 February 2010                | 160            | 365               | 525                         | 495
Online payment between 11 February and 7 April 2010  | 160            | 395               | 575                         | 545
Offline payment up to 10 February 2010               | 180            | 415               | 595                         | 545
Offline payment between 11 February and 7 April 2010 | 180            | 465               | 645                         | 595


What are the test centres in India?

There are 17 test centres in India.

Code   City
7501   Chennai
7502   Mumbai
7503   New Delhi
7504   Kolkata
7505   Bangalore
7506   Hyderabad
7507   Coimbatore
7508   Pune
7509   Cochin
7510   Ahmedabad
7512   Nagpur
7513   Jaipur
7514   Aurangabad
7516   Navi Mumbai
7517   Vijayawada
7518   Solapur
7519   Kolhapur


Can I change the test location after registration?

Yes. The test location can be changed up to 16 April 2010 without charge, and between 17 April and 23 April 2010 for a US$50 charge. No change is allowed after 23 April 2010.


What happens, if after registering, one decides not to take the exam?

One can either withdraw from the exam or defer it to a future date. There is a scheme for deferring the exam on payment of a fee; the exam can then be taken at the next opportunity. Full details are available at http://www.isaca.org/examdefer.


What is the exam like and what are the passing marks?

The paper consists of 200 multiple-choice questions to be answered in 4 hours, covering five chapters:


  1. Information security governance (23 percent)—Establish and maintain a framework to provide assurance that information security strategies are aligned with the business objectives and consistent with applicable laws and regulations.
  2. Information risk management (22 percent)—Identify and manage information security risks to achieve business objectives.
  3. Information security program development (17 percent)—Create and maintain a program to implement the information security strategy.
  4. Information security program management (24 percent)—Oversee and direct information security activities to execute the information security program.
  5. Incident management and response (14 percent)—Plan, develop and manage a capability to detect, respond to and recover from information security incidents.


For the detailed syllabus, download the CISM Exam Candidate's Guide from http://isaca.org/cismexam.


Candidate scores are reported as a scaled score.  A scaled score is a conversion of a candidate’s raw score on an exam to a common scale.  ISACA uses and reports scores on a common scale from 200 to 800.  A candidate must receive a score of 450 or higher to pass the exam.

If you are eager to test yourself with a sample test, please visit www.isaca.org/cismsamplequestions.

What are the reading materials required?

a)   ISACA publishes the CISM Review Manual (CRM) every year, and it is the basis for starting your studies. It is available for purchase from www.isaca.org. The cost is $85 for members and $115 for non-members.

b)   The CISM Practice Questions Database (CD-ROM). Cost: $120 for members and $165 for non-members. It contains 550 questions, answers and explanations, which helps you understand how exam questions are framed. A website download is also available.

c)   Other websites for reference include:

www.isaca.org/glossary -- for a glossary of terms.

www.whatis.com and www.webopedia.com -- for learning about terms and acronyms that you do not understand.

www.cio.com/abcs -- for understanding the basics of new technologies.

www.howstuffworks.com -- for understanding the basics of computers, the internet, DNS, wireless, etc.


How to prepare?

Read, read, read… Understand the subject and highlight important points; if you are used to group study, please do so. Group study helps in sustaining momentum and motivation, sharing knowledge and understanding various perspectives. Primarily, the exam tests your conceptual understanding of various technologies, processes, risks, controls, audit and governance techniques.


Generally, it takes three to six months (2 hours of study a day) to prepare and be confident of facing the exam, depending on the individual's experience and exposure to the content areas, and grasp of new concepts. It is best to complete one reading of the CISM Review Manual in the first 2 months. One idea is to take a dummy test first (of, say, 50 questions, to see where you stand), then, after one reading of the CRM, take the same test again and see the improvement made. It is preferable to take tests after studying each chapter, and then retake these tests after a gap of one month to see whether any mistakes have been repeated. Those are the concepts you have to get right.


Are there any classes available for preparing for the CISM Exam?

The Hyderabad Chapter of ISACA conducts a quick refresher class of 4 full days, sometime in September, on two consecutive weekends (Saturday and Sunday). The class also includes a mock test and a discussion of the answers to the mock test.


Classes are conducted by experienced faculty who have passed the exam and have experience in their respective domains.


The cost for the classes conducted by the Chapter is yet to be finalized but will be approximately Rs. 6,000.


* * * * * * * * * *