
Certified Information Security Manager (CISM)

Our Certified Information Security Manager training or coaching supports individuals seeking to validate their knowledge and experience associated with managing, designing, overseeing, and assessing an enterprise’s information security.


Training covers the following four domains:

  • Domain 1 – Information Security Governance.
  • Domain 2 – Information Risk Management and Compliance.
  • Domain 3 – Information Security Program Development and Management.
  • Domain 4 – Information Security Incident Management.

Training material is accredited by ISACA and delivered by an approved ISACA trainer.

This training can be delivered virtually, at our London or Bristol facilities, or at our clients’ premises; training is typically for group bookings only, but there may be public spaces available occasionally.




By the end of this training, participants will have gained the knowledge required to make the move from senior practitioner to manager, using their existing technical expertise and experience in information security.


This training is aimed at senior practitioner-level cyber security professionals who will need to manage and adapt organisational technology by designing and implementing processes when serious information security issues have been identified. Example roles might include:

  • Information Security Manager
  • Chief Information Officer
  • Information risk or compliance practitioners

Learning outcomes

  • Confidently make policy decisions to ensure that effective information security policies are established.
  • Determine the factors necessary to lower and manage risks and optimise resources while establishing trust and reputation.
  • Guarantee assurance on critical decisions that are to be made concerning the security of the organisation.
  • Perform efficient and effective risk management.

Ideally you will need five years of professional information security experience, most of which should be demonstrable within the 4 domains covered during training, including some management.