ISACA Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM)

ONLINE CISM TRAINING COURSE – 3-day instructor-led online training sessions plus additional resources to help you prepare for the CISM Exam

ISACA’s Certified Information Security Manager (CISM) certification indicates expertise in information security governance, program development and management, incident management and risk management.

Our online CISM training program is a robust, interactive way to learn the critical concepts across the 4 domains that are integral to the Certified Information Security Manager (CISM) certification exam.

Delivered over three (3) sessions, our online training offers instructor-led learning as part of a group, accessible from anywhere in Australia.

This training is appropriate for professionals who plan to certify, as well as for those who want to deepen their information security management knowledge. This training is not just a test prep course, nor does taking the training guarantee you’ll pass your exam (hey, it’s not that easy).

Take your career out of the technical realm to management!

What’s included?

  • 3 x full-day instructor-led online training sessions
  • Official ISACA textbook
  • Access to recorded sessions at any time for up to 12 months after the course date.
  • Course materials
  • Additional summaries, crib-sheets and exam tips to help you study.

The exam is not included with this training course. Delegates must book their CISM exam separately through ISACA.

Date and Session Times:

  • Session 1 – Monday, 31st January 2022
  • Session 2 – Tuesday, 1st February 2022
  • Session 3 – Wednesday, 2nd February 2022


  • Standard Price – $1,980 inc GST
  • Early Bird Price – $1,650 inc GST (register by 10th Jan 2022)

Register here


“A very well structured delivery for a broad set of domain topics. Excellent approach of breaking up sessions and engagement with students, which meant it didn’t feel like it was dragging on. In fact, the course went by so quickly. Excellent course presenters and I feel the smaller class size allowed for a richer learning experience.” – July 2021

“Both Jodie and Tony were great. I learnt a lot from them during my course and they are very approachable and easy to connect with.” – July 2021

Why train with us?

Privacy 108’s qualified trainers have been delivering privacy and security training for nearly 20 years.

All our training is delivered with a view to ensuring every student achieves their objectives whether that is up-skilling, moving into a new role or taking a certification exam.

Intended Audience

Who should attend?

  • Data Protection and Privacy Managers and Officers
  • Privacy Project Managers
  • Auditors
  • Legal Compliance and Risk Officers
  • Security Managers
  • Information Managers
  • Anyone involved with privacy or data protection processes and programmes

The CISM Exam

The Certified Information Security Manager exam is formatted as follows:

  • 200 questions
  • Multiple choice
  • 4 hours to complete
  • 800 marks available – 450/800 needs to be achieved in order to gain the certification

The exam is not included with this training course. But we do lots of questions to help you prepare!


This CISM training course covers the following areas:

Introduction to Certified Information Security Manager (CISM)
• Objectives and Expectations
• What is Information Security?
• The Goals of Information Security
• Principles for Information Security Professionals

Domain 1 – Information Security Governance
• Outline
• Knowledge Statements
• Introduction to Information Security Governance
• Effective Information Security Governance
• Governance and Third Party Relationships
• Information Security Metrics
• Information Security Governance Metrics
• Information Security Strategy
• Information Security Strategy Development
• Strategy Resources and Constraints
• Other Frameworks
• Compliances
• Action Plans to Implement Strategy
• Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance
• Information Risk Management
• Task and Knowledge Statements
• Risk Management Overview
• Risk Assessment
• Information Asset Classification
• Assessment Management
• Information Resource Valuation
• Recovery Time Objectives
• Security Control Baselines
• Risk Monitoring
• Training and Awareness
• Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management
• Task and Knowledge Statements
• Information Security Program Management Overview
• Information Security Program Objectives
• Information Security Program Concepts
• Information Security Program Technology Resources
• Information Security Program Development
• Information Security Program Framework
• Information Security Program Roadmap
• Enterprise Information Security Architecture (EISA)
• Security Program Management and Administration
• Security Program Services and Operational Activities
• Controls
• Security Program Metrics and Monitoring
• Measuring Operational Performance
• Common Information Security Program Challenges

Domain 4 – Information Security Incident Management
• Task and Knowledge Statements
• Incident Management Overview
• Incident Management Procedures
• Incident Management Resources
• Incident Management Objectives
• Incident Management Metrics and Indicators
• Defining Incident Management Procedures
• Business Continuity and Disaster Recovery Procedures
• Post Incident Activities and Investigation

Register now.

If you are interested in taking this course or would like further information, register here or please contact us via the form below.
