ISACA's flagship management certification. CISM is the credential of choice for security managers, GRC leaders, and aspiring CISOs in audit-heavy industries.
Both are commonly required. CISM is preferred where the CISO reports to audit/risk; CISSP is preferred where the CISO reports to engineering or CTO. Most senior CISOs hold both within 2–3 years.
3 years. Maintain via 20 CPE hours/year and 120 over 3 years, plus a £35–£70 annual maintenance fee.
Yes — recognised by NCSC's CCP scheme as evidence of competence and listed across UK CISO/Head of Security adverts on LinkedIn and CW Jobs.
ISACA does not publish official rates but community estimates place first-time pass around 50–60%.
Run AI-graded mock interviews keyed to the CISM — Certified Information Security Manager body of knowledge.