Designed for IT professionals with technical expertise and experience in IS/IT security and control looking to transition from team player to manager.

Data breaches, ransomware attacks and other constantly evolving security threats are top-of-mind for today’s IT professionals. With a Certified Information Security Manager® (CISM®) certification, you’ll learn how to assess risks, implement effective governance and proactively respond to incidents.

The ISACA CISM certification can add credibility and confidence to interactions with internal and external stakeholders, peers, and regulators.

This cybersecurity certification indicates expertise in information security governance, program development and management, incident management and risk management.

Content in this course is:

  • Aligned with the CISM job practice
  • Adapted from the CISM Review Manual 16th Edition
  • Reviewed by subject matter experts who hold the CISM certification

The course features an enhanced facilitator guide, additional participant resources, knowledge check questions from the CISM Questions, Answers and Explanations (QAE) database along with scenario-based activities and enrichment materials (articles, podcasts and whitepapers) selected from the ISACA website to provide learners with an opportunity to go deeper into specific areas related to the course content.

MDEC Digital Up Campaign: Enjoy up to RM2,500 Training Fee Reimbursement when you sign up and attend this course from 15 July – 30 Sept 2023 (Open to Malaysians, Employed, Unemployed, Fresh Graduates, OR Gig workers aged 21-55 years old).

Learn more about Malaysia’s Top Cybersecurity Strategies and Trends in 2024.

Here are five insightful blog posts about ISACA and its cybersecurity certifications. Each one focuses on a different aspect of how ISACA’s training can enhance your cybersecurity career:

→ Top ISACA Cybersecurity Certifications 2024 | Career Advancement

→ Incorporating ISACA Certifications into Corporate Training Program

→ ISACA’s CISM vs CRISC: Which Certification Is Right for You?

→ Your Ultimate Guide to the ISACA CISM Certification

→ Become a leader with ISACA: Cybersecurity Leadership

Skills Covered

After completing this course, participants should be able to:

  • Explain the relationship between executive leadership, enterprise governance and information security governance.
  • Outline the components used to build an information security strategy.
  • Explain how the risk assessment process influences the information security strategy.
  • Articulate the process and requirements used to develop an effective information risk response strategy.
  • Describe the components of an effective information security program.
  • Explain the process to build and maintain an enterprise information security program.
  • Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident.
  • Outline methods to measure and improve response and recovery capabilities.

Who Should Attend

The ISACA CISM certification is perfect for experienced information security managers and everyone who works in IT Governance. You will learn about four domains in information security. These domains are about compliance, risk management and security governance.

Course Curriculum


To earn the CISM credential you need five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas.


Course Modules