
Course Duration

3 Days

Audience

Employees of federal, state, and local governments, and of businesses working with the government.

Prerequisites

Five years of experience with audit, IT systems, and security of information systems; systems administration experience; familiarity with TCP/IP; and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in the Security+ certification.

Course Description

The Information Systems Audit and Control Association (ISACA) provides three testing opportunities each year, so we developed this Certified Information Security Manager (CISM) exam prep course to help you get it right the first time. The course focuses on advanced risk management and specific compliance and security management operations.

Learning Objectives

In-depth coverage of the four domains required to pass the CISM exam:

  • Information Security Governance
  • Information Risk Management and Compliance
  • Information Security Program Development and Management
  • Information Security Incident Management

Course Outline

Course Topics
  • Preparation for the CISM exam
  • Submitting Required Paperwork
  • Resources and Study Aids
  • Passing the Exam the First Time
  • Asset Identification
  • Risk Assessment
  • Vulnerability Assessments
  • Asset Management
  • Asset Classification and Ownership
  • Structured Information Risk Assessment Process
  • Business Impact Assessments
  • Change Management
  • Information Security Strategy
  • Program Alignment of Other Assurance Functions
  • Development of Information Security Architectures
  • Security Awareness, Training, and Education
  • Communication and Maintenance of Standards, Procedures, and Other Documentation
  • Change Control
  • Lifecycle Activities
  • Security Metrics
  • Security Program Management Overview
  • Planning
  • Security Baselines
  • Business Processes
  • Security Program Infrastructure
  • Lifecycle Methodologies
  • Security Impact on Users
  • Accountability
  • Security Metrics
  • Managing Resources
  • Response Management Overview
  • Importance of Response Management
  • Performing a Business Impact Analysis
  • Developing Response and Recovery Plans
  • The Incident Response Process
  • Implementing Response and Recovery Plans
  • Response Documentation
  • Post-Event Reviews
  • Final Review and Test Prep

Frequently Asked Questions

What is CISM certification and who should pursue it?

CISM (Certified Information Security Manager) is an ISACA certification that validates expertise in information security management, governance, risk management, and incident response. It is designed for security managers, IT directors, and professionals who manage or oversee an organization's information security program. CISM is widely recognized in federal agencies, DoD, and the private sector as a benchmark for security management expertise.

How long is IT Dojo's CISM training course?

IT Dojo's CISM training is a 3-day instructor-led course. It is available as live remote online training or on-site at your location. The course is structured as focused exam preparation, covering all four CISM domains: Information Security Governance, Information Risk Management, Information Security Program Development and Management, and Information Security Incident Management.

What are the prerequisites for CISM training?

CISM training requires a solid foundation in information security. Prerequisites include five years of experience in IT, audit, or information security; familiarity with TCP/IP; experience with UNIX, Linux, or Windows systems administration; and intermediate knowledge of Security+ level concepts. To earn the CISM credential, candidates must pass the exam and have five years of work experience in information security management.

When does ISACA offer the CISM exam?

ISACA offers the CISM exam year-round at testing centers and via remote proctoring. IT Dojo's 3-day course is designed to efficiently prepare candidates to pass on their first attempt, which is why the course focuses heavily on exam strategy and practice in addition to domain content.

Is CISM training available for federal and DoD professionals?

Yes. IT Dojo works exclusively with federal agencies, DoD organizations, military branches, and government contractors. All training is employer-sponsored. CISM is relevant to professionals in security management roles across civilian and defense agencies and is recognized under DoD 8570/8140 frameworks.

Is CISM training available online?

Yes. IT Dojo offers live remote online CISM training. Participants connect to a live instructor-led session — not a recording — with the ability to ask questions and interact in real time. Remote classes are kept small to preserve the quality of instruction.

Get More Information

We work with government agencies, the military, government contractors, and corporate clients. As much as we would love to, our business model does not include working with the general public.