My CISM Exam Journey

Author: Laura Tate Zannucci, CISA, CISM, CDPSE
Date Published: 11 August 2022

Information security and technology professionals, like doctors and lawyers, are expected to stay apprised of the environment surrounding their profession. As part of my continuous learning process, the Certified Information Security Manager (CISM) was my next logical step after obtaining the Certified Information Systems Auditor (CISA).

Here is how I approached preparing for the CISM exam and what I would recommend to my colleagues:

My CISM Journey

  1. Determine the benefits to obtaining the CISM certification
  2. Take the practice test and review the ISACA Certification Exam Candidate Guide
  3. Purchase the study materials, plan study tactics and determine your timeline for taking the exam
  4. Register for the exam and schedule your testing appointment
  5. Take the exam

CISM Benefits
The first thing about taking the CISM is to determine its benefit to you.

  • Do you want to stand out among other professionals?
  • Do you want a raise?
  • Do you want to be more marketable and get a better job?
  • Do you want to be more confident in your current role or be viewed as someone to promote?

The benefits for me were the added credibility the CISM would provide to my clients and the continuing professional education (CPE) hours earned. Additionally, the knowledge gained in studying for the exam helps in my role as a consultant and Information Security Officer to make informed and proactive decisions.

Practice Test and Candidate Guide
The practice test helps gauge your knowledge of the subject matter and determines how much time will be required to prepare for the exam. Next, review the ISACA Certification Exam Candidate Guide. The guide provides helpful information such as the experience required to become certified, the number of domains on the exam, the corresponding test percentages, the languages available, the exam length and the number of exam questions.

Study Materials, Tactics, and Timelines
The two reference books I found most beneficial in preparing for the exam are the “CISM Review Questions, Answers & Explanations Manual” and the “CISM Review Manual.” The Review Questions, Answers & Explanations Manual was my primary source of study. Not only does the manual provide helpful and relevant content, but it also provides you with an understanding of how the questions are asked on the exam. Words you will become familiar with in the questions are “best” and “most.”

My approach to the exam was to take the CISM Review Questions, Answers & Explanations Manual questions and divide them into the amount of time allotted for studying. I gave myself three months to study, so I focused on 80 questions per week. When I missed a question, I would review the explanation of why those specific responses were correct or incorrect, and for further clarification, I would refer to the CISM Review Manual.

Register and Set Your Examination Date
Most people have busy schedules filled with work, school and family obligations. Because of these obligations, it is easy to procrastinate and tell yourself, “I will register for the exam when I am prepared.” However, registering for the exam and setting an exam date is the equivalent of setting a goal. By setting this goal, you will increase your efforts and be motivated to achieve the knowledge required for the exam.

If life does get in the way, it is simple to reschedule the date. Just keep in mind you have 12 months from the registration to take the test.

Take the Exam
The test can be taken one of two ways: either at a testing center or via online remote testing – both of which are proctored. I chose to take my exam at a testing center. Working remotely since 2020 has provided insights into possible distractions to interrupt your focus while at home. I didn’t want to be taking a test and have the doorbell ring, a child or pet run through my home office, or someone call or text. I prefer the quiet environment of a testing location. Be sure to choose the right fit for you.

Hopefully, my process is beneficial to you in preparing for the CISM. Where will my journey take me next? Most likely, to follow the same process again and take the Certified in Risk and Information Systems Control (CRISC).