COURSE DESCRIPTION
EXECUTIVE CLASSES
Lunch and Evening Executive Class
​
Five Week Course: 40 hours of material
-
20 hours of afternoon and evening instruction from an ISACA Approved Instructor
-
20 hours of self paced learning
-
Optional office hours with the instructor
​
CISM
Domain 1: Information Security Governance: Developing information security strategy aligned with governance frameworks and standards, including organizational culture, legal, regulatory, and contractual requirements, and organizational roles and responsibilities.
Domain 2: Information Security Risk Management: Managing information security risk response through appropriate risk treatment options, risk and control ownership, and ongoing risk monitoring and reporting.
Domain 3: Information Security Program: Building and managing an information security program, including control design, selection, implementation, and evaluation, along with management of external service providers and program communication across the organization.
Domain 4: Incident Management: Establishing incident management readiness through response plans, business impact analysis, business continuity and disaster recovery planning, and incident investigation, containment, and post-incident review.
This course prepares students to sit for the ISACA Certified Information Security Manager (CISM) certification exam, a management-focused credential recognized as the globally accepted standard of achievement in enterprise information security management. Enrollment includes instruction, guided study, and exam preparation aligned to ISACA's official CISM exam domains, with earning the ISACA certification as the intended outcome of the course, not simply a CyberDI certificate of completion.
Class content covers how to build an information security strategy aligned with governance frameworks, how to manage information security risk through appropriate treatment and response options, and how to design, implement, and evaluate a full information security program, including oversight of external service providers. Students also work through incident management readiness, from response planning and business continuity through investigation, containment, and post-incident review.
Upon passing the CISM exam, students earn a certification held by more than 65,000 professionals worldwide and accredited by the American National Standards Institute under ISO/IEC 17024:2012. Certified professionals are equipped to assess risk, implement effective governance, and proactively respond to security incidents, and to communicate complex, high-stakes security management issues clearly to internal and external stakeholders, peers, and regulators.
CyberDI classes stand out for their dynamic, real-world approach to teaching security management. While the core curriculum covers what is tested, our instructors go beyond that, bringing current, practical context on how security leaders are managing governance, risk, and incidents right now across regulated industries and the defense industrial base. Office hours remain a cornerstone of the experience, giving students the chance to work through real security management scenarios with an instructor in real time.
AI Maturity Model Certification Program
A connected pathway across AI Audit, AI Risk, and AI Security Management, delivered under CyberDI's ISACA training partnership, building on the same cybersecurity foundations that already secure the defense industrial base.
Your Next Step: AI Security Management
CISM demonstrates the ability to govern risk, build security programs, and respond to incidents at the enterprise level. As AI systems introduce new categories of threat, that same leadership is now extending into AI security.
CyberDI offers a direct pathway from CISM into ISACA's Advanced in AI Security Management (AAISM) certification — the first and only AI-centric security management credential. AAISM is built for security managers who already hold a CISM and want to manage the security risks specific to AI, implement AI governance policy, and lead the responsible, secure use of AI across the organization.
For professionals supporting the defense industrial base, this matters even more. CISM is already recognized under DoD 8140 for roles that implement and manage CMMC programs. As AI increasingly touches CUI, FCI, and defense supply chain systems, AAISM extends that same DoD-aligned assurance into AI — keeping your CISM relevant as the threat landscape evolves.

