ISACA Certified Information Security Manager (CISM) Online Training

Taught by

UPDATED: June 26, 2025

Intermediate

This CISM training prepares IT professionals to manage enterprise-level security governance, risk, and incident response. This online, self-paced course aligns with ISACA's latest Certified Information Security Manager exam and is ideal for roles like Information Security Manager, GRC Lead, or Risk Officer. You'll build leadership skills in threat modeling, risk treatment, and post-incident review, making it perfect for both CISM certification prep and recertification.

Start a free week

Subscription options

$59.00

Access all premium content with a free week!

Quizzes
CyberVista® IT practice exams
Coaching
IT learner community

Start a free week

See training reviews

What you'll learn

Design and align security strategy with business objectives
Conduct vulnerability and control gap analysis
Develop and evaluate business continuity plans
Manage third-party and supply chain security risks
Monitor incidents with tools like SIEMs and response playbooks
Communicate risk posture and incident response to stakeholders

FAQs

Who should take this CISM training?

This course is for experienced IT professionals who manage or oversee security programs, risk, or incident response. If you're already in a mid- to senior-level cybersecurity or governance role – or moving into one – this training updates your skills for emerging threats like AI-driven attacks and positions you for the CISM exam.

How much does the CISM cost?

The CISM exam costs $575 USD for ISACA members and $760 for non-members. An ISACA membership costs around $145 a year, so it might be worth becoming a member if you’re paying for the exam anyway. It’s a pricey process, but it's well worth it if you’re pursuing leadership roles in security, compliance, or risk governance.

Does earning the CISM pay well?

Yes – CISM consistently ranks among the highest-paying certs in IT. According to industry surveys, professionals with CISM earn well into six figures, especially in roles like security manager, IT risk lead, or GRC director. It’s a major salary booster for those managing security at the organizational level.

Is it hard to learn the technical and managerial skills of the CISM?

It’s challenging but doable with experience. The hardest part is the shift from technical tasks to management thinking – budgeting, governance frameworks, and risk ownership. If you’re used to hands-on tools, this course helps you think like a leader in control, compliance, and crisis readiness.

What jobs do I qualify for with the CISM?

With CISM, you're qualified for roles like Information Security Manager, Cybersecurity Program Lead, GRC Manager, or IT Risk Director. Employers recognize CISM as the benchmark for leadership in security policy, incident response planning, and program oversight.

Who is this for?

This course is for mid- to senior-level IT professionals in security, risk, and governance roles. If you lead security programs, manage audits or incident response, or are preparing for the CISM exam, this course updates your skills to meet today’s regulatory and threat environment head-on.

What our learners say

You constantly have to invest in training for your people.
Rick N. | CEO
It feels like the best and the brightest people are training with you — and they are just hanging out with you and showing you the ropes.
John McCann | IT manager and CBT Nuggets learner
Companies that invest in employee development report up to 24% higher profit margins and 218% higher income per employee.
Devlin Peck | Forbes

Study plan

Download the free CISM study plan to complete this course in about 14 hours.

Download study plan