Information Systems Audit and Control Association ( ISACA ) – Certified Information Security Manager (CISM ) ITEC 6324 Instructor: Dr. E. Crowley Name: Victor Wong Date: 9 Sept. 2004

Who is ISACA?  A pace-setting global organization for information governance, control, security, and audit professionals.  Founded in 1969 and formed in  Membership: > 35,000 worldwide  Certification body of CISM & CISA etc 1 Reference:

CISM – What and for Whom?  Designed for senior-level professionals who managed an organization’s information security and possess the knowledge and experience to set up, implement and direct an IT security structure to manage risk effectively.  For experienced information security managers and those who have information security management responsibilities. 2 References: nformation1/Bulletin_of_Information1/cismboi.pdf nformation1/Bulletin_of_Information1/cismboi.pdf

CISM – How to earn certification?  Passed CISM examination.  Adhere to the ISACA’s Code of Professional Ethics.  Submit verified evidence of minimum 5 years of information security work experience, with a minimum of 3 years security management work experience in 3 or more of the job practice analysis areas. 3 References: re.pdf

CISM - Others  ISACA certified about 5,000 individual with CISM designation since  Certification Magazine Salary Survey in 2003 indicated that Project Manager is the highest paying job in IT expertise field with an average salary of US$76,440 and Security field was 2 nd with an average of US$72,690. See figure on next slide. 4 References: =1

CertMag’s 2003 Salary Survey 5