Cism

I recently saw a vacancy being advertised for a Network Security Admin, and the job required CISSP and CISM. I've never seen anyone ask for CISM before, exactly how popular and in demand is this certification? What's the content like?

Find more posts tagged with

SAVE $250 on Your ISACA Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View ISACA Boot Camps

Comments

UnixGuy

zen master wrote: »

I recently saw a vacancy being advertised for a Network Security Admin, and the job required CISSP and CISM. I've never seen anyone ask for CISM before, exactly how popular and in demand is this certification? What's the content like?

Very popular actually. I see a lot of security positions ask for CISSP, CISA, and CISM !

CISM is about incident response mainly, and CISA is about auditing.

zen master

Thanks UnixGuy. I don't think I'll bother to do that certification. In my part of the world, I think everyone is focused on CISSP, so I'll get that and call it a day.

UnixGuy

It's a very good cert, even for the knowledge only. Get CISSP, then you can get CISA and then CISM. The knowledge in these certs is invaluable

unsupported

CISM is a management cert. There is a requirement for you to manage a group or a project. Their definitions are kinda lax on management.

A lot of people in my department take CISM after CISSP and they say it is about 70% overlap in the domains. So, you can do your CISSP and then get CISM right after. Also, be aware of the timing. CISSP exams are throughout the year when CISM (and CISA) are given twice a year in June and December (I think).