Experience for CISM

nipun1987

Hi
I am planning to give CISM exam in the Month of Dec.
I have a query if my work experience will be valid for CISM certification.
i am working as a SAP Security Consultant from 3 years in IBM India. My basic work involves Implementation of Security for ERP tools.

Regards
Nipun

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

paul78

You can find information about the experience requirements for the CISM here:

How to Become CISM Certified

You must have 5 years of experience. For 2 of those years, you can substitute certain certifications and education. Minimally, you must have 3 years of actual management experience in security, The 3 years also has to be in 3 practice areas - the practice areas are defined here:

CISM Job Practice Areas

Based on your description, you are not likely to qualify to hold a CISM.

JoJoCal19

Just to add to what paul78 said, I contacted ISACA directly and you don't have to have experience as a manager per se, but if you have 3 years of experience where you can check off at least one task statement in 3 of the practice areas you qualify. But then you look at the actual application and it states that you do. So I would contact ISACA and confirm if you have done the responsibilities of an ISM but not had the actual position, if that counts.

nipun1987

Thanks for the Reply.
I have registered for Dec 2013 CISM exam. Probably this is the first step towards moving to domain of information security.
Bit confused about the preparation part. I am gonna start up with 2009 Manual to have a glance of the overall scope.

How different is the 2009 CRM from 2013 ?

Regards
Nipun