Self-Paced Online ISACA CISM

The CISM Online Review Course is an online preparation course that prepares learners to pass the CISM certification exam using proven instructional design techniques and interactive activities. The course covers all four of the CISM domains, and each section corresponds directly to the CISM Exam Content Outline.

The course incorporates video, narrated interactive eLearning modules, downloadable, interactive workbooks, downloadable job aids, case study activities, and a practice exam. Learners will be able to navigate the course at their own pace, following a recommended structure, or target preferred job practice areas. Learners may also start and stop the course based on their study schedule, picking up exactly where they left off the next time they access the course.

At the completion of this course you will be able to:

  • Explain the relationship between executive leadership, enterprise governance, and information security governance.
  • Outline the components used to build an information security strategy.
  • Explain how the risk assessment process influences the information security strategy.
  • Articulate the process and requirements used to develop an effective information risk response strategy.
  • Describe the components of an effective information security program.
  • Explain the process to build and maintain an enterprise information security program.
  • Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident.
  • Outline methods to measure and improve response and recovery capabilities.

This program is designed for:

  • Professionals preparing to become CISM certified
  • CISA or CISSP-certified individuals looking to move into information security management
  • General security management professionals looking to move into information security
  • Information security managers
  • Mid-level career changers

All purchases of online learning courses are final. Access to the online learning courses and materials is immediate upon purchasing; therefore, no refunds or exchanges will be provided. Prices subject to change without notice.

CISM Self-Assessment
Video Content
Interactive Content
Downloadable Workbooks and Job Aids
Case Study Activities
Practice Exam

Domain 1 – Information Security Governance 

  • Describe the role of governance in creating value for the enterprise.
  • Explain the importance of information security governance in the context of overall enterprise governance.
  • Describe the influence of enterprise leadership, structure and culture on the effectiveness of an information security strategy.
  • Identify the relevant legal, regulatory and contractual requirements that impact the enterprise.
  • Describe the effects of the information security strategy on enterprise risk management.
  • Evaluate the common frameworks and standards used to govern an information security strategy.
  • Explain why metrics are critical in developing and evaluating the information security strategy.

Domain 2 – Information Security Risk Management

  • Apply risk assessment strategies to reduce the impact of information security risk.
  • Assess the types of threats faced by the enterprise.
  • Explain how security control baselines affect vulnerability and control deficiency analysis.
  • Differentiate between the application of risk treatment types from an information security perspective.
  • Describe the influence of risk and control ownership on the information security program.
  • Outline the process of monitoring and reporting information security risk.

Domain 3 – Information Security Program 

  • Outline the components and resources used to build an information security program.
  • Distinguish between common IS standards and frameworks available to build an information security program.
  • Explain how to align IS policies, procedures and guidelines with the needs of the enterprise.
  • Describe the process of defining an IS program road map.
  • Outline key IS program metrics used to track and report progress to senior management.
  • Explain how to manage the IS program using controls.
  • Create a strategy to enhance awareness and knowledge of the information security program.
  • Describe the process of integrating the security program with IT operations and third-party providers.
  • Communicate key IS program information to relevant stakeholders.

Domain 4 – Incident Management

  • Distinguish between incident management and incident response.
  • Outline the requirements and procedures necessary to develop an incident response plan.
  • Identify techniques used to classify or categorize incidents.
  • Outline the types of roles and responsibilities required for an effective incident management and response team.
  • Distinguish between the types of incident management tools and technologies available to an enterprise.
  • Describe the processes and methods used to investigate, evaluate and contain an incident.
  • Identify the types of communications and notifications used to inform key stakeholders of incidents and tests.
  • Outline the processes and procedures used to eradicate and recover from incidents.
  • Describe the requirements and benefits of documenting events.
  • Explain the relationship between business impact, continuity and incident response.
  • Describe the processes and outcomes related to disaster recovery.
  • Explain the impact of metrics and testing when evaluating the incident response plan.

What Others Are Saying

Asha Choi

Xcel

Lab access connected to the coursework was a great feature.

Caitlin Rahman

Tier Concepts

These labs are the real deal! This is how I got my CCNA.

Karen Zemer

Training Camp was great, really went above and beyond to support my CISA learning and development.

Harry Newsome

CDC

This exam frightens me to the point of not wanting to sit through it again. I will report that the Training Camp bootcamp was far better than any other I’ve attended.

Maria O

Training Camp absolutely nailed the teaching method for passing the certification exam.

Dr. Nancy Landreville

NML Computer Consulting Company Corp

Training Camp is an incredible organization with dedicated professional instructors who ensure the class is engaged in the learning experience. The venue is perfect and the staff provide excellent care of their customers during the training period.

Course Features

365 Day Access

Real-world Scenarios

24/7 Chat Technical Support

Official ISACA Exam Review

Let’s Get Started, Together

Get skilled, get certified. We offer a wide range of solutions trusted by thousands of organizations. Fill out a contact form and one of our Enterprise Solutions experts will contact you to discuss the best training solutions for your team. You can also e-mail our team directly at: [email protected]
