This is a review course for working information security and risk management professionals — not an introduction to the field. If you already understand security governance, risk assessment, security program operations, and incident management fundamentals, this fast-track course gives you a focused, high-efficiency way to prepare for the CISM exam. You’ll move through all four CISM domains, reinforcing the exact concepts, terminology, and decision frameworks that ISACA tests. Every domain closes with CISM-style practice questions so you can assess your understanding before moving on.
Domain 1 (Information Security Governance — 17% of the exam) covers governance structures, security strategy alignment with business objectives, the CISO’s organizational role and reporting relationships, steering committees, legal and regulatory requirements, and framework selection. You’ll review how ISACA frames governance effectiveness and the exam’s emphasis on strategy-to-policy translation — including COBIT, ISO 27001, and NIST CSF alignment. This domain also addresses organizational culture, ethics, and the governance mechanisms that give the security program its authority.
