TL;DR Neither is easy.
If question is which is easier, again I think the answer would be neither is easier, it depends on where you are coming from experience wise. They are about equal in how difficult they are.
CISSP is a little more technical (not very deep, but concepts).
CISM is also very management focused, but less technical.
They compliment each other well, a good deal of materials are overlapping so it could be a CISSP AND CISM choice.
When I did my certifications I was from a techie background and I did complimenting certificates for that.
Continue reading: www.quora.com/Which-is-easy-CISM-or-CISSP/answer/Thor-Pedersen-4
IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.