Problem solve Get help with specific problems with your technologies, process and projects.

The scope of the CISM

ISACA has launched a new course called the Certified Information Security Manager (CISM). Will you please tell...

me the scope of this certification? Will the holder of this certificate receive recognition in the security industry?

The CISM was announced in late November/early December by ISACA, but exams won't be publicly available until June, 2003. The scope of this certification is intermediate level -- much like the CISSP or the intermediate SANS certifications -- but is more operational and procedural in focus than the CISSP, while less specific than the individual SANS intermediate exams for firewall analysts, intrusion analysts, incident handlers, Windows and Unix security administrators and so forth.

It's simply too early to tell how well this program will do in the marketplace because it's not yet available. That said, since the ISACA CISA cert has a population of nearly 30,000 certified individuals, chances are good that the CISM will also do well in the marketplace. But alas, only time will tell.

For more information on the CISM, visit ISACA's Web page and a story I wrote for CramSession.

For more information on this topic, visit these other SearchSecurity.com resources:

This was last published in December 2002

Dig Deeper on Security industry certifications