CISM Certification CPE Requirements.




in Job Roles



Why is earning CPE credits a requirement for CISM Certificate?

A Certified Information Security Manager (CISM) Certification is a great choice if professionals have at least five years of experience in cybersecurity and are considering advancing their careers. It is administered by ISACA and was created to provide ambitious IT security professionals with the managerial skills and expertise required. A CISM offers the fundamental abilities required to assess and manage security programs, develop asset risk management models, and provide security governance.

CISM Certification is a bonafide certification for senior company executives, IT Managers, information security professionals, IT software system developers, and application developers. It demonstrates a candidate's dedication to their career in information security. Additionally, it expands employment prospects and raises prospective earnings. The CISM Certification journey does not end even after obtaining the certificate. It expires after three years from the date of issue. Candidates must pay the renewal fee and earn CPE credits as per ISACA CPE policy requirements to maintain their certification.

What is CISM CPE?

The goal of this continuing professional education (CPE) policy is to ensure that all CISM professionals maintain an adequate level of current knowledge and proficiency. Professionals who successfully comply with the CISM CPE Policy will be better equipped to manage, design, oversee and assess an enterprise’s information security.

CISM CPE requirements:

The CISM CPE policy mandates that CPE hours be attained during a yearly and three-year certification term. The following criteria must be met by CISM professionals in order to maintain certification:

Earn 20 CPE Credits per year: A minimum of 20 CPE hours that are relevant, current, and contribute to the growth of the professional’s knowledge or ability to perform CISM-related duties must be reported by CISM professionals.

Earn 120 CPE Credits in each three-year period: After obtaining CISM Certification, applicants must obtain a minimum of 120 CPE credits over a three-year period to complete the renewal process. If not, the certification will expire and they will have to retake the certification exam.

Submit annual maintenance fee: CISM Certification holders must pay an annual CPE maintenance fee of USD 45 for members, and USD 85 for non-members.

Comply with the annual CPE audit: If CPE activities are selected for audit, candidates must submit the necessary documentation of CPE activities. The audit is conducted to evaluate an individual’s compliance with modern certification guidelines. It assists them in preserving the integrity of knowledge within the global network of professionals.

Comply with the code of ethics: Holders of CISM must comply with ISACA’s professional code of ethics. ISACA sets forth this Code of Professional Ethics to guide the certification holders.

ISACA CPE guidelines

The following are CPE guidelines established by ISACA that should be followed by professionals while maintaining their CISM Certificate.

Annual and three-year certification period: The annual CPE credit reporting calendar starts on the first of January each year. The three-year certification period varies and is indicated on each annual invoice and on the letter confirming annual compliance. The first calendar year following certification marks the beginning of the CPE requirements for newly certified CISM professionals. It is not necessary to earn CPE hours throughout the certification year. However, hours earned between the date of certification and the end of the year can be reported and it will automatically count toward the next year.

Payment of CISM Maintenance Fee: Within the third quarter of each calendar year, email notifications and a paper invoice will be sent to CISM professionals who are paying the maintenance fee.

Notification of Annual Compliance: A confirmation from ISACA international headquarters with all reported CPE hours for the three-year certification period will be sent to CISM certification holders who report the required number of CPE hours and pay the maintenance fee in full and on time. If there are any errors or omissions in this confirmation, candidates should immediately contact ISACA international headquarters.

Use of CISM Logo: The CISM logo should not be used by certification holders for personal purposes, such as overlaying it on business cards or business products. Since it can indicate ISACA's support or affiliation with the person's products or services. However, individuals can use the CISM acronym after their name.

CISM Certified professionals who fail to comply with the CPE policy will have their credentials revoked. He/she will no longer be allowed to present themselves as a certified individual. If he/she wishes to obtain CISM Certificate again, he/she must follow the entire exam process.

How to earn CPE for CISM Certificate?

The following are some ways to earn CPE for CISM Certificate.

ISACA professional education activities and meetings: ISACA conducts meetings, chapter programs, seminars, and conferences. Candidates can participate in these ISACA CPE meetings and educational events to earn CPE hours for their CISM Certification renewal. The number of CPE credits that may be obtained in this category is unlimited. So they can earn all 120 CPE credits from this category.

Non-ISACA professional education activities and meetings: CISM aspirants can participate in a variety of activities, including university courses, seminars, and in-house corporate training to gain CPE hours. They can obtain CPE hours through certification review courses that enhance the skills or knowledge for the certification. There is no limit to the number of CPE credits that may be earned in this category.

Self-study courses: This is the most convenient and affordable way of earning CPE hours. Professionals can attend CISM Training courses to earn CPE credits. These courses will only be accepted if the course provider issues a certificate of completion and the certificate contains the number of CPE hours earned for the course. Additional CPE can be earned by ISACA members through journal quizzes and ISACA eLearning activities. Candidates can earn all 120 CPE hours from this category.

Professionals should satisfy the guidelines outlined by ISACA to maintain their CISM Certification . CPE credits can assist professionals in demonstrating that they are up to date on the most current information in the cybersecurity field. They are also proficient in managing, designing, supervising, and reviewing the information security realm for organizations.

Professionals should earn 120 CPE credits every three years and pay a CPE maintenance fee of USD 45 for members, and USD 85 for non-members to retain their CISM Certificate.

ISACA members can get one hour of CPE credit for each Journal quiz they pass. They can access the quizzes on the CPE quizzes page of the ISACA website. The passing score for the quizzes is 75%.

Professionals can use CPEs for more than one certification as long as the activity is relevant to the certification they are reporting towards. All ISACA certifications are eligible for credit for CPE activities done through ISACA.

Candidates can publish or review papers, books, and monographs that relate to information systems. Copies of these materials have to be made available and published in an official print or online publication. Depending on the actual time spent creating the material, CPE credit is awarded.

No, professionals are not required to use CPE hours the year they receive their certification. The 3-year period CPE requirements will begin the following year. If they acquire CPE hours in a year they do not require, they may keep them and use them in the next year.

Candidates must submit written documentation of previously reported activities that satisfy the requirements outlined in the Qualifying Professional Education Activities if they are selected for an audit by CISM CPE. They must submit copies of any relevant documentation. The acceptability of hours for certain professional educational activities will be decided by the CISM Certification Committee.

Holders of CISM Certifications will have their certifications revoked if they fail to submit the required number of CPE hours. They won't be able to use the designations and advantages that come with the certification. They must retake the certification exam if the certification is revoked.

ISACA offers CISM professionals a variety of opportunities to earn free CPE credits. They can earn CPE through activities including online education, volunteer work, conferences, mentoring, and online courses.

CISM professionals can report their CPE hours online through the ISACA website once they have completed any activity.

CPE credits ensure that professionals are up to date on the current information in the cybersecurity field. They are also proficient in managing, designing, supervising, and reviewing the information security realm for organizations.