Certified Information Security Manager: Difference between revisions
link to ISC2 article, not external link to website |
Christian75 (talk | contribs) {{Rwh}} |
||
(33 intermediate revisions by 29 users not shown) | |||
Line 1: | Line 1: | ||
#Redirect [[ISACA]] |
|||
{{Refimprove|date=June 2007}} |
|||
{{Rwh}} |
|||
'''Certified Information Security Manager''' ('''CISM''') is a certification for [[information security management|information security managers]] awarded by the [[Information Systems Audit and Control Association]] (ISACA). To gain the certifications, individuals must pass a written examination and have at least five years of [[information security]] experience with a minimum three years of [[information security management]] work experience in particular fields. |
|||
The intent of the certification is to provide a common body of knowledge for information security management. The CISM focuses on [[information risk management]] as the basis of information security. It also includes material on broader issues such as how to [[information security governance|govern information security]] as well as on practical issues such as developing and managing an information security program and [[incident management|managing incidents]]. |
|||
The point of view in the certification is that of widely accepted cross-industry best practices, where information security gets its justification from business needs. The implementation includes information security as an autonomous function inside wider [[corporate governance]]. |
|||
The CISM certifications tends to be sought after by both [[Certified Information System Auditor|CISA]] and [[CISSP]] certification communities. ISACA created the CISM to help foster a better fusion between IT auditing and information security perspectives. |
|||
In principle, the CISM certification is related in nature to the Information Systems Security Management Professional certification from the [[International Information Systems Security Certification Consortium]]. |
|||
In 2005, the [[United States Department of Defense]] listed CISM, CISA and CISSP as "approved" certifications for its "Information Assurance Workforce Improvement Program".<ref>[http://www.dtic.mil/whs/directives/corres/pdf/857001m.pdf DoD 8570.01-M, December 19, 2005<!-- Bot generated title -->]</ref> |
|||
==Knowledge Domains== |
|||
The CISM requires demonstrated knowledge in five functional areas of [[Information Security]]<ref>Peltier, Thomas R., Peltier, Justin: ''Complete Guide to CISM Certification.'' Auerbach Publications, 2007. ISBN 0-8493-5356-4</ref>: |
|||
* [[Information Security Governance]] |
|||
* [[Information risk management]] |
|||
* [[Information security program]] development |
|||
* [[Information security program]] management |
|||
* [[Information security incident management|Incident management]] |
|||
==See also== |
|||
* [[Certified Information System Auditor]] (CISA) |
|||
* [[Certified Information Systems Security Professional]] (CISSP) |
|||
* [[Certified Expert Penetration Tester | CEPT (Certified Expert Penetration Tester)]] |
|||
* [[Information Security Governance]] |
|||
* [[Information Security Management]] |
|||
* [[Information Systems Security Management Professional]] (ISSMP) |
|||
* [[(ISC)²]] |
|||
* [[IT Governance|IT Governance Frameworks]] |
|||
==References== |
|||
{{Reflist}} |
|||
==External links== |
|||
*[http://www.isaca.org/Template.cfm?Section=CISM_Certification&Template=/TaggedPage/TaggedPageDisplay.cfm&TPLID=16&ContentID=4528 CISM Certification - Information Systems Audit and Control Association] |
|||
[[Category:Professional certification]] |
|||
[[Category:Computer security qualifications]] |
|||
[[Category:Data security]] |
|||
{{comp-sci-stub}} |
|||
[[de:Certified Information Security Manager]] |
|||
[[es:CISM]] |
|||
[[fr:Certified Information Security Manager]] |
|||
[[id:CISM]] |
|||
[[pt:Certified Information Security Manager]] |
Latest revision as of 16:33, 24 October 2017
Redirect to:
- With history: This is a redirect from a page containing substantive page history. This page is kept as a redirect to preserve its former content and attributions. Please do not remove the tag that generates this text (unless the need to recreate content on this page has been demonstrated), nor delete this page.
- This template should not be used for redirects having some edit history but no meaningful content in their previous versions, nor for redirects created as a result of a page merge (use {{R from merge}} instead), nor for redirects from a title that forms a historic part of Wikipedia (use {{R with old history}} instead).