CISM: Requirements & Exam Details
Informational only — not financial or career advice. Exam fees and certification requirements change, and the figures here are accurate only as of the listed verification date. Confirm the current fee and rules directly with the certifying body before you register or budget. We report the official-body exam fee for a single attempt; it excludes prep courses, materials and retakes, and is not the total cost of certifying.
The Certified Information Security Manager (CISM) credential is issued by ISACA and requires candidates to demonstrate five years of information security management experience before sitting for the exam. As of June 2026, the single-attempt exam fee is $760 for non-members and $575 for ISACA members. This fee is subject to change; candidates should verify current pricing on ISACA's official website before registering, as exam costs and eligibility requirements may be updated by the issuing body at any time.
Once earned, the CISM credential remains valid for three years, after which holders must renew through continuing professional education (CPE) credits to maintain active status. The specific number of CPE hours required and detailed renewal procedures are established by ISACA and may be subject to modification. Individuals considering the CISM certification should confirm all current prerequisites, fees, renewal requirements, and policies directly on ISACA's official page before making any registration decisions.
| Requirement | Detail |
|---|---|
| Prerequisites | 5 years of information security management experience |
| Base exam fee | $760 |
| Fee notes | non-member $760 / member $575 |
| Validity / renewal | 3 years (CPE) |
Register with the issuer. Eligibility, fees and renewal rules are set by ISACA and can change — confirm on the official page.