Information Systems Audit and Control Association ISACA Certified

Information Systems Audit and Control Association ( ISACA ) – Certified Information Security Manager (CISM ) ITEC 6324 Instructor: Dr. E. Crowley Name: Victor Wong Date: 9 Sept. 2004

Who is ISACA? u A pace-setting global organization for information governance, control, security, and audit professionals. u Founded in 1969 and formed in 1976. u Membership: > 35, 000 worldwide u Certification body of CISM & CISA etc 1 Reference: http: //www. isaca. org/

CISM – What and for Whom? u Designed for senior-level professionals who managed an organization’s information security and possess the knowledge and experience to set up, implement and direct an IT security structure to manage risk effectively. u For experienced information security managers and those who have information security management responsibilities. 2 References: http: //www. isaca. org/Content/Navigation. Menu/Security/CISM_Certification/Exam_I nformation 1/Bulletin_of_Information 1/cismboi. pdf

CISM – How to earn certification? u Passed CISM examination. u Adhere to the ISACA’s Code of Professional Ethics. u Submit verified evidence of minimum 5 years of information security work experience, with a minimum of 3 years security management work experience in 3 or more of the job practice analysis areas. 3 References: http: //www. isaca. org/Content/Content. Groups/CISM/Brochures_Flyers/cismbrochu re. pdf

CISM - Others u ISACA certified about 5, 000 individual with CISM designation since 2003. u Certification Magazine Salary Survey in 2003 indicated that Project Manager is the highest paying job in IT expertise field with an average salary of US$76, 440 and Security field was 2 nd with an average of US$72, 690. See figure on next slide. References: 4 http: //www. isaca. org/ http: //www. certmag. com/articles/templates/cmag_feature. asp? articleid=523&zoneid =1

Cert. Mag’s 2003 Salary Survey 5