ISACA CISM Boot Camp
Certified Information Security Manager
CISM is the management credential of information security: the certification for professionals who build and lead security programs, not just run the tools. In this live, instructor-led 4-day boot camp, you work through all four CISM exam domains and walk out ready to test. Taught by a certified ISACA instructor, with an exam voucher, a free retake, and a clear path to pass built in.
Exam voucher and free retake included.
Prefer to study on your own schedule? Get the self-paced CISM course →
Everything you need to walk in ready
Four full days of interactive instruction from a certified ISACA instructor, mapped to the CISM exam content outline.
A 12-month subscription to ISACA’s official Question, Answer and Explanation database, with unlimited practice exam attempts.
Your CISM exam voucher is included, so you are registered and ready to test.
If you don’t pass the first time, retake the exam at no additional cost.
A pre-study learning path, readiness guidance, and exam strategy so you know exactly how to prepare between sessions and test day.
If you already hold ISACA or other professional credentials, the live instruction hours count as CPE toward them.
Four days across all four CISM exam domains
The boot camp works straight through ISACA’s CISM exam content outline: four job-practice domains, each weighted as it is on the exam. You leave having covered every area the 150-question exam tests.
Information Security Governance
17%- Enterprise governance: culture, organizational structure, and how security strategy aligns to business goals.
- Frameworks, standards, and the legal and regulatory landscape that shape the program.
Information Security Risk Management
20%- Risk identification and assessment: threats, vulnerabilities, and business impact.
- Risk response: treatment options, monitoring, and reporting to stakeholders.
Information Security Program
33%- Program development: resources, asset classification, policies, and awareness.
- Program management: controls, testing, metrics, and integrating security into operations.
Incident Management
30%- Incident readiness: plans, playbooks, classification, and training before anything goes wrong.
- Incident response: containment, communication, recovery, and business continuity and disaster recovery.
Domains and weightings follow ISACA’s official CISM exam content outline. The CISM exam is 150 questions in 4 hours, scored 200 to 800, with 450 to pass.
What the CISM certification does for you
Security teams get built by people who can run them. CISM is how you prove you are one of them.
More than 100,000 professionals have earned CISM since 2002. When the role owns strategy, budget, and a team, this is the credential the posting asks for.
CISM tests judgment, not tools: governance, risk, program, and incident decisions the way a security leader has to make them, in business terms.
Pass the exam and apply for certification to earn ISACA’s CISM credential and digital badge, verifiable and shareable on LinkedIn and your resume.
What you’ll be able to do
- Build and run an enterprise information security program
- Align the security strategy with business goals and win budget
- Own risk decisions: assess, treat, monitor, and report
- Lead incident response from readiness through recovery
- Manage the people, vendors, and budget behind the program
- Report security posture to executives and the board
Learn security leadership from a career cybersecurity leader
James brings over 35 years of military, federal, and contracting experience to cybersecurity training. A former USAF senior officer and Defense Intelligence Agency leader, he has managed critical cybersecurity programs for the Department of Defense and DHS. As President of Sycamore Cybersecurity Consultants and Dean of CyberEDGE Academy, James has trained over 2,000 cybersecurity professionals worldwide. He is a certified instructor for ISACA CISM, CISM, CRISC, CGEIT, and AAISM, and holds a BS in Mathematics, three MS degrees, and an MBA.
Prepare, train, pass
CISM boot camp, answered
What is CISM?
CISM is ISACA’s Certified Information Security Manager certification, the management-level credential for professionals who build and lead information security programs. More than 100,000 professionals have earned it since 2002.
What roles does CISM prepare me for?
CISM validates security leadership: information security manager, security program lead, GRC leadership, and the CISO track. It is the natural next step when your work shifts from running tools to running the program.
What are the requirements for CISM certification?
ISACA requires five years of experience in information security, including at least three years in information security management across three or more CISM domains. Up to two years of the general requirement can be substituted with credentials like CISA or CISSP or a relevant postgraduate degree; the three management years cannot be waived. You can sit the exam first and apply once you meet the requirement.
How is the CISM boot camp structured?
Four full days of live, instructor-led training led by a certified ISACA instructor, working through all four CISM exam domains. You get a pre-study learning path, a 12-month subscription to ISACA’s official QAE database with unlimited practice exam attempts, and exam-strategy support so you walk in ready.
What does the CISM exam look like?
The CISM exam is 150 questions in 4 hours, scored on a 200 to 800 scale, with 450 required to pass. Your exam voucher is included, and after registering you have a scheduling window to sit the exam.
What if I don’t pass the CISM exam?
You can retake the exam at no additional cost. The whole program is built to get you exam-ready, and the free retake is there as a safety net.
Do I earn CPE for the CISM boot camp?
If you already hold ISACA or other professional credentials, the live instruction hours count as CPE toward them. It is a productive way to make progress on your annual CPE while preparing for a new certification.
Is there a self-paced CISM course?
Yes. If you prefer to study on your own schedule, see our self-paced CISM course. The live boot camp is best if you want structure, an instructor, and a fixed timeline to keep you accountable.
Get CISM-certified with an instructor in your corner
Four live days, every exam domain, an included voucher, and a free retake if you need it. Pick the cohort that fits your calendar.
$2,499 per seat, regularly $2,999. Exam voucher and free retake included.
Prefer to study on your own schedule? Get the self-paced CISM course →
Training a team? Explore corporate training or book a time with our team →
Popular courses
Pages
