CISM Certified Information Security Manager: Exams and Stuff


The CISM exam is set, conducted and marked by ISACA.  All exams will be conducted online via computer-based testing centres around the world.

For more information please refer to the exams page on the ISACA website

Click this link to check available exam dates.

Exam Registration

You can book your exam with ALC or direct with ISACA (see above).

If you wish to book the exam with ALC and have both course and exam on the one invoice, please indicate “CISM Course + Exam” in the COMMENTS field when making your online registration and select the PAY BY INVOICE option (do not select the Pay By Card option). We will contact you with full details of what is involved.


Qualifying for CISM requires a combination of four “e’s”: experience, ethics, education and examination. Specifically, the requirements are:

For detailed information on if you have the relevant full-time work experience* in the CISM Job Practice Areas, please visit the following page: ISACA – “How to Become CISM Certified”.

The CISM certification program recognises the achievement of the CISSP credential as a baseline representation that an individual has gained general information security skill and knowledge, just as it does with individuals who have earned a CISA. As such, CISSPs receive a two-year general information security experience waiver. However, CISSPs will not be eligible to earn a CISM unless they have the required experience and can demonstrate proficiency and practical knowledge in the role of an information security manager.

Holders of other, more specialised credentials, such as the SANS Global Information Assurance Certification (GIAC), Microsoft Security Systems Engineer (MCSE), CompTIA Security + Credential and the Disaster Recovery Institute Certified Business Continuity Professional (CBCP) also can receive a one-year general information security experience waiver.