How to get CISM certified

You’ve prepared by doing the work, taken the exam and are now ready to apply for your CISM® Certification. Let’s make sure you have everything you need:

Illustration of exam with approval mark shown on computer

STEP 1: PASS THE EXAM

Prior to sending your application, you must meet the following requirements:

  • Pass the CISM Exam within the last five years.
  • Have five or more years of CISM professional work experience across at least three of the four CISM domains
  • Unsure of requirements? VIEW MORE > 
VIEW CISM EXAM DETAILS
Illustration of money and online form

STEP 2: PAY THE APPLICATION FEE

Pay the one-time US$50 application processing fee.

  • You must pay your application fee before submitting your application.
  • Login to your MYISACA account to access the application processing fee.
PAY APPLICATION FEE
Illustration of application form

STEP 3: FILL OUT AND SUBMIT THE APPLICATION

Candidates must apply for certification within five years of having passed the exam.

ONLINE APPLICATION

Download CISM Application Forms (Non-English)

Application Calendar

From June 2022 & Later:

If you passed the exam from June 2022 until the present, download the application form in your preferred language.

Please select a language

Application Calendar

From 2018 to May 2022:

If you passed the exam from 2018 to May 2022, download the application form in your preferred language.

Please select a language

Members save on CPEs, renewals, and exams

JOIN

CISM certification requirements

Demonstrate the minimum required work experience

A minimum of 5-years of professional information security management work experience within the CISM job practice areas—as described in the CISM job practice areas—is required for certification. Work experience for the CISM certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5-years from the passing date to apply.

GET CISM APPLICATION FORM

Earn & report CPE hours

Attain and report a minimum of 120 Continuing Professional Development (CPE) hours during a three-year reporting period, completing a minimum of 20 CPE hours per year. If these CPEs satisfy the requirements for other ISACA certifications, they may also count toward those designations.

HOW IT WORKS

Adhere to the Code of Professional Ethics

Members of ISACA and/or holder of the CISM designation, you’ll need to agree to a Code of Professional Ethics to guide your professional and personal conduct.

VIEW ISACA’S CODE OF PROFESSIONAL ETHICS
CISM Logo

Successfully complete the CISM examination

The CISM exam is open to anyone who has an interest in information security. You can still take the CISM exam even if you haven’t met the experience requirements yet, although you’ll have to meet those before getting certified. When you take the CISM exam, we’ll send you your results, and if you passed, the details you need to apply for your CISM certification. Candidates have five years from the passing date to apply for certification.

VIEW CISM EXAM DETAILS

Already certified and need to maintain your certification?

Manage your certification in MyISACA
LEARN HOW