The CISM is highly sought after
by Cybersecurity recruiters!

Getting your CISM certification is a smart career move, it is:
-
Recognized The CISM is widely recognized by recruiters and HR. It is one of the most required Cybersecurity certifications.
Get Access to the Complete CISM bundle now!
91,000+ Enrollments
4.6 Rating
Current exam ready (2022 exam)
-
32 hours of CISM videos Covering all 4 domains
Study and Exam Tips, Tricks, and Approaches -
900 CISM Practice questions questions
-
2,500 CISM Flashcards
-
A 200-page PDF CISM study guide PDF Mnemonics
A study plan -
The 24/7 ThorBot (CISM chatbot)
-
Updated in 2024
-
A 2,500 word glossary
-
Subtitles English, Spanish (Latin America), Portuguese (Brazil),
French, Arabic, Chinese, Japanese, and Hindi -
Lifetime or 12-months access
12-months access $119.95
I definitely need less than 1 year to study.
Lifetime Access $159.95
Lifetime Access please, you just never know.
You will learn the 4 things you need to pass your exam!
- The knowledge: So you can explain the where/when/why/how/what of any topic.
- Question deconstruction: To figure out; what are they ACTUALLY asking here?
- Answer logic: The ability to pick the MOST right answer, there may be 2 more or less right answers. Which answer is the MOST right in this specific situation in the eyes of ISACA?
- Time management: You will get 150 questions and 4 hours for the exam, meaning you have at 96 seconds per question on average.
Preview some of our Complete CISM Bundle materials:

-
32 hours of CISM videos
-
The 24/7 CISM ThorBot (chatbot)
Try the ThorBot (Light):
You get the Full version with the course bundles.
The Light version is only trained on Domain 1 materials.
Type above here to try the ThorBot (Light)
ThorBot is using ChatGPT-4o
(We update to the latest model when they are released).
The ThorBot has been trained on:
- All our CISM videos
- All relevant NIST documents
- 500+ relevant Wikipedia pages
- The Official ISC2 and ISACA websites
- Our "How to study" course
- OWASP top 10
- The CISSP Memory Palace
- The CISSP Sunflower notes
- The CISSP Process Guide
- Our CISM study guides and much more...
-
A 2,500 word CISM glossary
Try our CISM Glossary!
Frequently asked questions:
How should I study for the CISM exam?
This is the approach I use for all my studying and it seems to work for the majority of my students.
For the CISM get 1 good video courses (I obviously recommend my own), 1 good book (the CISM AIO is better than the official book) and do 1,000-1,500 practice questions before the exam (I highly recommend the CISM QAE questions, they are retired exam questions).
• Watch the video class once, wtake notes. Watch the videos at 0.75x-1x speed. If instructor talks very slowly; speed the videos up to 1.25x – 1.5x speed.
• Read the book once, read everything, highlight what you think is important or what the book tells you is important.
• Re-watch the video class, add to your notes, and for the 2nd round I suggest 1.5x-2x speed.
•Now most start on questions but you can re-read the book read everything, highlight what you know is important.
• Most students who pass the exam to have done 1,000 – 2,000 unique practice questions.
I think the official CISM QAE questions are critical to passing the exam, they teach you exactly how ISACA asks the questions on the exam. They are retired exam questions.
You need to understand ALL the concepts, be able to explain them, and be able to logic your way through convoluted exam questions.
You need to spend a good deal of time learning to deconstruct questions; what are they really asking here?
Do not worry if you spend 3-5 minutes on a question to begin with, just learn to deconstruct the question.
Deconstruct questions and answers:
• Read the question; spot the keywords (PKI, Integrity, HIPAA) and indicators (FIRST, MOST, BEST), then deconstruct the question; what are they really asking here.
• Once you have deconstructed the question, read the answer options.
• Deconstruct the answer options too if needed.
Normal questions have 2 distractors and 2 possible right answers.
There can also be 4 wrong answers (you then pick the LEAST wrong answer), or 4 right answers (you then pick the MOST right answer).
Do not use the same questions more than once. You will get higher scores, but it will be inaccurate scores; you have seen the questions before.
After each practice test, review the questions you got wrong, read the question explanation. Then re-read the book and re-watch the video topics you answered wrong on the test.
Re-study the topic until you understand WHY the right answer is the right answer, and why you answered it wrong.
Keep doing practice tests until you hit 80%+ on all domains on the official ISACA CISM questions.
What's the job outlook like for CISM professionals?
I can’t promise you anything, but there is a huge demand for certified professionals, there are currently over 36,162 open CISM jobs in the US alone and we are seeing the same picture across the world.
The average CISM salary in the US is over $152,037 per year, worldwide that number is $114,483, CISMs on average make 35% more than their non-certified colleagues.
https://www.cyberseek.org/heatmap.html
https://www.infosecinstitute.com/resources/cism/average-cism-salary/
Can I preview your materials before I buy?
Yes, you can see examples of the videos, study guides, mnemonics, questions, glossary, flashcards, and the ThorBot (Chatbot) for the CISM below.
What is included in your courses?
All this is included in our CISM course:
32+ hours of CISM videos – 200+ lessons (The next exam update is expected in 2027)
900 CISM practice questions
Study guides from the lectures (200 pages)
The ThorBot (A study Chatbot)
A 2,500 word CISM Glossary
2,500 CISM Flashcards
A study plan
Subtitles in English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese and Hindi
Mnemonics PDF
300+ relevant links
Can I rewatch the videos and do the practice questions more than once?
Yes!
You have access to our courses for either Lifetime or 12 months, you can watch the videos and do the practice questions as many times as you want.
What are the prerequisites for earning my CISM certification?
To get your CISM certification you must have at least 5 years of professional experience in the information security field.
Domain 1—Information Security Governance (17%)
Domain 2—Information Security Risk Management (20%)
Domain 3—Information Security Program (33%)
Domain 4—Incident Management (30%)
Substitutions and waivers may be obtained for a maximum of 2-years as follows:
Two Years: CISA or CISSP certification in good standing or a post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)
One Year: One full year of information systems management experience or general security management experience.
Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
What are the 2022 exam domains?
There are 4 domains in the CISM by ISACA
Domain 1—Information Security Governance (17%)
Domain 2—Information Security Risk Management (20%)
Domain 3—Information Security Program (33%)
Domain 4—Incident Management (30%)
The next exam update is expected in 2027.
How do I earn CPE Credits?
You can earn CPEs in many ways, the most common are taking other certifications or do more online or live training.
You earn 1 CPE per hour spent on the activity.
Here are a few of the examples:
ISACA Professional Education Activities and Meetings
Non-ISACA Professional Education Activities and Meetings
Self-study Courses
Vendor Sales/Marketing Presentations
Teaching / Lecturing / Presenting
Publication of Articles, Monographs and Books
Exam Question Development and Review
Passing Related Professional Examinations
Working on ISACA Boards/Committees
Mentoring
12-months access $119.95
I will definitely finish in less than 1 year.
Lifetime Access $159.95
Lifetime Access please, you just never know.