The Certified Information Security Manager (CSIM), offered by ISACA, is a business-oriented credential that focuses on leading information risk management within an enterprise-level organization. Its subject domains are geared toward leadership/advanced-career professionals who are charged with designing, implementing and assessing an organization’s information security program.

ISACA, previously known as the Information Systems Audit and Control Association, is a global nonprofit association focused on IT governance certifications. IT governance ensures that IT resources and systems are effectively utilized to strategically align with business pillars.

The CISM certification exam covers four key subject domains relevant to security management:

• Domain 1: Information Security Governance
• Domain 2: Information Risk Management
• Domain 3: Information Security Program Development and Management
• Domain 4: Information Security Incident Management

The CISM certification is the leading credential for the management side of information security and is ideal for InfoSec practitioners pursuing managerial/leadership roles. Common titles associated with CISM include:

• Information Security Manager
• Cybersecurity Engineer
• Program Manager
• Network Architect
• Chief Information Officer (CIO)