Formerly Theanthropy Pte Ltd

Certified Information Security Manager (CISM)

CISM (Certified Information Security Manager) is an advanced certification that signifies an individual's expertise and experience in developing and managing robust enterprise information security programs.

ISACA's Certified Information Security Manager (CISM) certification is tailored for professionals with deep technical knowledge and practical proficiency in IS/IT security and control, aspiring to transition from a team member to a managerial position. By attaining the CISM certification, you enhance your credibility and confidence when engaging with internal and external stakeholders, peers, and regulatory bodies.

With a strong emphasis on management, ISACA's CISM certification equips professionals to strategically design, construct, and oversee comprehensive enterprise information security programs. By achieving this esteemed credential, you become part of an expanding and esteemed community of information security experts dedicated to safeguarding organizations from evolving cyber threats.

Funding by SSG - Up to 70% of the course fees (excluding GST) and Applicable for *UTAP*

This course is certified by ISACA

15+ Yrs Experienced Trainers


10000+ Professionals Enrolled


Up to 70% Subsidy



Certified Information Security Manager (CISM)

Certified Information Security Manager (CISM) is globally recognized as the gold standard for professionals aspiring to excel in information security. It symbolizes expertise, dedication, and a deep commitment to ensuring robust information security practices.

Our comprehensive CISM training course delves into the essential aspects of constructing, developing, and governing information security operations. By completing this rigorous program, participants enhance their value within their organizations and gain a competitive edge in the market. The knowledge and skills acquired through this training enable professionals to implement information security governance and drive successful program development effectively.

By becoming a certified CISM professional, you will position yourself as a trusted authority in information security. Gain recognition from industry peers, attract new clients, and elevate your career to new heights.


AgileAsia is the premier training provider for the Certified Information Security Manager (CISM) course. We are dedicated to offering top-notch training and empowering professionals to excel in information security management.

Here's why AgileAsia is the ideal choice for your CISM training:

  1. Expertise: Our trainers are highly experienced and possess extensive knowledge of information security management. They bring real-world industry insights and practical knowledge to the training sessions, ensuring a comprehensive learning experience.

  2. Comprehensive Curriculum: Our CISM course is designed to cover all aspects of information security management, including the development, implementation, and governance of information security programs. The curriculum is aligned with the latest industry standards and best practices, equipping you with the knowledge and skills needed to excel in your role.

  3. Interactive Learning Environment: We believe in engaging and interactive learning experiences. Our training sessions incorporate various teaching methods, including case studies, group discussions, and practical exercises. This approach ensures that you understand the concepts and know how to apply them effectively.

  4. Industry Recognition: AgileAsia is recognized for its high-quality training programs and industry-leading certifications. By choosing AgileAsia for your CISM training, you align yourself with a reputable organization that produces skilled and competent professionals.

  5. Support and Resources: We provide ongoing support after you complete the training program. We aim to ensure your success in implementing information security governance and program development within your organization. You can access additional materials, participate in discussion forums, and seek guidance from our experts whenever you need it.

By choosing AgileAsia for your CISM training, you invest in your professional growth and future success in information security management. Join us and become part of a thriving community of professionals committed to excellence in information security.

APMG Accredited Training Organisation - Certified Information Security Manager® (CISM). Issued by APMG International.

Course Objectives:

  • Evaluate information security governance, risk, and implications: Gain the ability to assess the current state of information security governance within an organization, identify risks, and understand the impact of those risks.
  • Develop an information security governance process aligned with organizational goals: Learn strategies and techniques for developing an effective information security governance process that supports the goals and objectives of the organization. This includes incorporating cyber risk assessment methodologies.
  • Enhance information security governance given frameworks and emerging risks: Understand common frameworks and standards for information security governance and stay updated on emerging security risks and threats. Learn how to adapt and improve the governance process accordingly.
  • Implement information security risk management: Acquire the skills to identify, assess, treat, and monitor information security risks within an organization. Learn how to develop and implement risk management strategies to safeguard critical assets.
  • Evaluate resource requirements for implementing an information security program: Assess the human and technological resources needed to establish and maintain an effective program. Understand the cost implications and potential benefits of implementing such a program.
  • Develop an information security roadmap and strategy: Create a comprehensive roadmap and strategy for developing and implementing an information security program. Address potential cyber security risks and ensure the program aligns with organizational objectives.
  • Establish an incident response management program: Learn how to develop an incident response management program to identify and address cybersecurity vulnerabilities effectively. Be prepared to handle incidents and minimize the impact on the organization's security.

By the end of this course, participants will have the knowledge and skills to evaluate information security governance, develop effective strategies, implement risk management practices, and establish incident response programs. This will enable them to contribute to the overall security posture of their organizations and effectively manage potential cyber security risks.

  1. Understand the future of IT-oriented security and risk environment: Gain insights into the evolving landscape of IT security and risk and equip yourself with the knowledge and skills to navigate this dynamic field. Ensure that your organization's governance objectives are achieved in this ever-changing environment.

  2. Identify, design, and implement a comprehensive information security program: Learn the technical skills and knowledge necessary to identify potential security risks, design robust security measures, and implement an effective program. This includes understanding the latest industry best practices and techniques.

  3. Manage information security on a day-to-day basis: Acquire the skills to effectively manage and oversee the day-to-day operations of an information security program. Ensure that the goals of information security align with the overall organizational objectives and that the information and related technologies are used responsibly.

  4. Understand the relationship between executive leadership, enterprise governance, and information security governance: Explore the crucial relationship between organizational leadership, enterprise governance, and information security governance. Learn how these elements intersect and influence each other to ensure adequate information security management.

  5. Develop an information security strategy: Outline the key components of a robust information security strategy. Understand how to align the system with organizational goals and objectives and ensure its effectiveness in mitigating risks and protecting critical assets.

  6. Influence the information security strategy through risk assessment: Understand how the risk assessment process plays a vital role in shaping the information security strategy. Learn to identify and assess risks, prioritize actions, and make informed decisions to mitigate potential threats.

  7. Develop an information risk response strategy: Articulate the process and requirements for an effective information risk response strategy. Learn how to proactively address and manage risks, ensuring a swift and efficient response to potential security incidents.

  8. Build and maintain an enterprise information security program: Understand the components necessary for building and maintaining a comprehensive enterprise information security program. Gain insights into the organizational structures, policies, procedures, and technologies required to ensure the program's effectiveness.

  9. Assess the enterprise's readiness to manage information security incidents: Learn techniques to assess the enterprise's ability and willingness to handle information security incidents. Understand how to effectively evaluate and strengthen response and recovery capabilities to address security breaches.

  10. Measure and improve response and recovery capabilities: Explore methods to measure, evaluate, and continuously improve the response and recovery capabilities of an organization's information security program. Learn how to enhance incident management processes and ensure a resilient and proactive approach to security incidents.

By completing this course, you will develop the skills and knowledge needed to navigate the complex world of information security governance, design and implement effective security strategies, and ensure the achievement of organizational objectives. Prepare yourself to effectively protect valuable information assets and respond to emerging security threats in a rapidly evolving IT landscape.


  1. Identify critical issues and customize company-specific practices: As a CISM-certified professional, you will have the expertise to identify essential information security issues and tailor practices that align with your organization's unique needs. This enables effective governance of information and related technologies, ensuring the confidentiality, integrity, and availability of valuable assets.

  2. Enhance enterprise credibility: Earning the CISM certification brings credibility to your enterprise. This certification demonstrates your commitment to excellence in information security management and assures stakeholders, including clients, partners, and regulators, that the organization takes security seriously.

  3. Gain a comprehensive view of information systems security management: The CISM certification provides a holistic understanding of security management and its vital role in achieving organizational success. You will develop the knowledge and skills to address complex security challenges and make informed decisions to protect critical assets.

  4. Communicate a commitment to compliance, security, and integrity: CISM certification is a powerful message to enterprise customers, showcasing your organization's dedication to compliance, safety, and integrity. This commitment contributes to the attraction and retention of customers, instilling confidence in their interactions with your organization.

  5. Improve alignment with organizational goals and objectives: With CISM certification, you will ensure improved alignment between your organization's information security program and its broader goals and objectives. Integrating security into the organizational strategy can drive effective risk management, resource allocation, and decision-making processes.

  6. Gain recognition from multinational clients and enterprises: The CISM certification is recognized and respected by clients and enterprises worldwide. By holding this certification, you enhance the reputation and credibility of your enterprise in the international marketplace, opening doors to new opportunities and collaborations.

By attaining the CISM certification, you position yourself as a trusted information security professional equipped with the knowledge and skills to navigate complex security challenges and contribute to the success and growth of your organization.


Course Name: Certified Information Security Manager (CISM)

Course Duration: 4 Days

Course Fees: $2,240.00 (exclusive of GST and Exam Fees)

Funding: Up to 70% (by SSG)

  • After 70% Subsidy: $851.20
  • After 50% Subsidy: $1,299.20

Can claim UTAP: Yes

Can use SkillsFuture Credit: Yes

Exam Fees: $600.00 (together with course), or $900.00 (just exam voucher)


Next Schedule

No Upcoming Schedules




Please Note:

  • Our classes are conducted at our office training venues.

Funding Eligibility

| Category | Course Fees | Funding | Nett Fees | GST | Nett Fees + GST |
|---|---|---|---|---|---|
| Individual - Singaporeans aged 40 & above | $2240.00 | 70% | $672.00 | $201.60 | $873.60 |
| Individual - Singaporeans aged below 40 & All PRs | $2240.00 | 50% | $1120.00 | $201.60 | $1321.60 |
| | $2240.00 | 0% | $2240.00 | $201.60 | $2441.60 |

Please Note:

SkillsFuture Credit:

  • Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fees payable after funding.

  • NTUC Members can enjoy up to 50% of funding (capped at $250 per year) under UTAP.

  • Eligible Singapore Citizens can use Post-Secondary Education Account funds to offset course fees payable after funding.
  • For physical classes, check MySkillsFuture (TGS-2023020112), and scroll down to the "Keyword Tags" section for PSEA eligibility verification.
  • Not all courses are eligible for PSEA funding.


Absentee Payroll (AP) Funding:

  • $4.50/hour, capped at $100,000 per organization per calendar year.
  • Absentee Payroll funding will be computed based on the actual number of training hours attended by the trainee. 

* Company-sponsored applicants paying the Nett Course Fee are required to fulfil the following criteria:
  • Training is fully sponsored by the company, which is registered or incorporated in Singapore.
  • Sponsored employee must be a Singapore Citizen or Singapore Permanent Resident and attend both training and final assessment (FA) on the assigned date and achieve a minimum of 75% attendance, and be certified competent in all the assessment components. 
  • Should the sponsored employee fail to meet the attendance/ assessment requirements and/or terms and conditions of SSG’s funding, the company will not be eligible.

For the latest SSG subsidy scheme, please refer to the SSG website: https://www.skillsfuture.gov.sg/

There are no prerequisite requirements for taking the CISM Course or the CISM exam.

To apply for CISM certification, you must have five or more years of professional experience in information security management, including at least three years of practical experience in one of the areas listed below. At the discretion of ISACA, you will be eligible to claim certain security or information system certification degrees or credentials for up to two years of the required five years of experience.

  • Duration: 4 Hours
  • Number of questions: 150
  • Question format: Multiple Choice
  • Passing marks: 450 out of 800
  • Exam language: English

In addition to passing the examination, there are additional requirements for obtaining the certificate. These can be found at: https://www.isaca.org/credentialing/cism/get-cism-certified

The certification is valid for a period of 3 years. Certified CISMs must complete the recertification process every three years in order to retain the qualification.

