CISMP (Certificate in Information Security Management Principles) Certification
The CISMP qualification
The Certificate in Information Security Management Principles (CISMP) qualification demonstrates good knowledge and understanding of the key areas involved in information security management, including cyber security, risk management, information security management (ISO 27001), and technical controls. Awarded by BCS, The Chartered Institute for IT, following successful completion of the CISMP exam.
CISMP provides a solid foundation, upon which a successful information security career can be built. It is particularly valuable to those working in the public sector, as it is part of The Certified Professional (CCP) Scheme (formerly known as the CESG Certified Professional Scheme).
Who is CISMP suitable for?
If you are keen to develop a career in information security, CISMP is the perfect starting point as it provides a broad introduction to information security management. The content is also suitable for business professionals who require a deeper understanding of information security as part of their wider business knowledge.
What's in the CISMP syllabus?
The CISMP syllabus covers the following areas:
- Information Security Management Principles (10%)
- Information Risk (Threats, Vulnerabilities) (10%)
- Information Security Framework (Organisation, Implementation, Standards) (20%)
- Procedural / People Security Controls (15%)
- Technical Security Controls (including Infrastructure, Cloud Computing) (25%)
- Software Development and Lifecycle (5%)
- Physical and Environmental Security Controls (5%)
- Disaster Recovery and Business Continuity Management (5%)
- Other Technical Aspects
View the full BCS syllabus for CISMP >>
The BCS requires CISMP candidates to demonstrate knowledge in the following areas:
- Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures, etc)
- Understanding of current national legislation and regulations which impact upon information security management
- Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security
- Understanding of the current business and common technical environments in which information security management has to operate
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
The CISMP exam
To achieve the CISMP qualification, you must pass a two hour multiple-choice exam, consisting of 100 questions. A minimum of 65 marks out of 100 are required to pass and 80 marks will gain you a distinction.
The CISMP exam, worth £174 is included on the final day of our CISMP Certificate in Information Security Management Principles training course, which covers the BCS learning objectives in order to prepare candidates for the exam.
View a sample CISMP exam paper >>