Passed CISM (AUG 2023) // Study Material

ITSurfer Member Posts: 8
To return the favor(s), I wanted to share what I used to study to meet the minimum 450 score. I came here to read, even though most were dated, opinions and options on how to prepare.

In 2022, I took the Cybrary.it CISM video course as well as Thor Pedersen. I took CISM DEC 2022 and failed with a score of 423.

Information Security Governance
441 Information Security Risk Management
396 Information Security Program
432 Incident Management

Took a few months or so off, wallowed in defeat, then got serious with it and buckled down in JUN 2023 and primarily used the ISACA CISM QAE and the CISM All in One 2nd Edition by Peter H. Gregory. Spent at least an hour a day on these two. (I didn't watch any of the videos again.) I found the QAE invaluable!!! For my weaker areas, I used the All in One to study, read it and then would review it again. I really had to shift my thinking and break the questions down; eliminating irrelevant information from the question, then eliminating 2 of the potential answers helped as well. I then took the QAE again and was scoring 80% plus. By changing up my approach, I passed with a 563.

696 Information Security Governance
563 Information Security Risk Management
535 Information Security Program
516 Incident Management

I opted to take it remotely, via PSI, both times. Both times, I had issues connecting, even though my systems passed the pre-checks. Once I got in and started the test, no issues with PSI.

Hope this helps someone.  


  • lennyscoup Member Posts: 1

    Thanks for sharing the experience. These are both great resources for preparation. Anyway, the CISM exam is challenging, and it's important to be able to think critically and analytically.

  • xagreus Member Posts: 116
    Congrats, and thanks for sharing!
    A+, Net+, Sec+, CySA+, CCNA, ITIL 2011 Foundation, AWS CCP, ISC2 CC, MS SC-900, MS AZ-900
    2024 goals: AZ-900, Cloud+, Palo Alto PCNSA, CyberOps Associate, DevNet Associate, Project+
  • itdept Registered Users Posts: 273
    Nice work sticking with it and getting the pass. Thanks for sharing resources.
  • WyattWeimann Member Posts: 1
    Thanks for sharing, it does help me, I will keep it in my mind. I appreciate you.
  • E Double U Member Posts: 2,232
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • shochan Member Posts: 1,006
    So, is this cert strictly for managers in IT... or possibly a technical IT person transitioning to mgmt?
    CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP