How to get CISM certified
You’ve prepared by doing the work, taken the exam and are now ready to apply for your CISM® Certification. Let’s make sure you have everything you need:
STEP 1: PASS THE EXAM
Prior to sending your application, you must meet the following requirements:
- Pass the CISM Exam within the last five years.
- Have five or more years of CISM professional work experience across at least three of the four CISM domains
- Unsure of requirements? VIEW MORE >
STEP 2: PAY THE APPLICATION FEE
Pay the one-time US$50 application processing fee.
- Once your official exam scores have been released, you may pay the application fee and then apply for certification.
- Login to your MYISACA account to access the application processing fee.
STEP 3: FILL OUT AND SUBMIT THE APPLICATION
Candidates must apply for certification within five years of having passed the exam.
- Get your experience verified by your supervisor or manager.
- Access to non-English applications >
Download CISM Application Forms (Non-English)
From June 2022 & Later:
If you passed the exam from June 2022 until the present, download the application form in your preferred language.
From 2018 to May 2022:
If you passed the exam from 2018 to May 2022, download the application form in your preferred language.
CISM certification requirements
Successfully complete the CISM examination
The CISM exam is open to anyone who has an interest in information security. You can still take the CISM exam even if you haven’t met the experience requirements yet, although you’ll have to meet those before getting certified. When you take the CISM exam, we’ll send you your results, and if you passed, the details you need to apply for your CISM certification. Candidates have five years from the passing date to apply for certification.
Demonstrate the minimum required work experience
A minimum of 5-years of professional information security management work experience within the CISM job practice areas—as described in the CISM job practice areas—is required for certification. Work experience for the CISM certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5-years from the passing date to apply.
Earn & report CPE hours
Attain and report a minimum of 120 Continuing Professional Development (CPE) hours during a three-year reporting period, completing a minimum of 20 CPE hours per year. If these CPEs satisfy the requirements for other ISACA certifications, they may also count toward those designations.
Adhere to the Code of Professional Ethics
Members of ISACA and/or holder of the CISM designation, you’ll need to agree to a Code of Professional Ethics to guide your professional and personal conduct.