CISM Review Manual 2010

The CISM Review Manual 2010 is a comprehensive reference guide designed to assist individuals in preparing for the CISM exam and individuals who wish to understand the roles and responsibilities of an information security manager. The manual has evolved over the past six editions and now represents the most current, comprehensive, globally peer-reviewed information security management resource available.

The CISM Review Manual 2010 features a new format. Each of the five chapters has been divided into two sections for focused study. The first section contains the definitions and objectives for the five areas, with the corresponding tasks and knowledge statements that are tested on the exam.

• Definitions for the five areas
• Objectives for each area
• Descriptions of the tasks
• A map of the relationship of each task to the knowledge statements
• A reference guide for the knowledge statements, including the relevant concepts and explanations
• References to specific content in Section Two for each knowledge statement
• Sample practice questions and explanations of the answers
• Suggested resources for further study

Section Two consists of reference material and content that supports the knowledge statements. Material included is pertinent for CISM candidates knowledge and/or understanding when preparing for the CISM certification exam. Also included are definitions of terms most commonly found on the exam.

This manual can be used as a stand-alone document for individual study or as a guide or reference for study groups and chapters conducting local review courses. It is a primary reference resource for information security managers seeking global guidance on effective approaches to governance, risk management, program development, management and incident response.

• Information security governance
• Information risk management
• Information security program development
• Information security program management
• Incident management and response