CISM Exam Preparation Course prepares professionals for the CISM® certification exam through a structured review of information security governance and management topics. The training consolidates strategic and operational concepts, based on Behaviour®’s own content and aligned with the domains publicly indicated by the certification body.
CISM® and ISACA® are registered trademarks of ISACA®. This training is developed and delivered by Behaviour® with its own content, as an independent preparation course for the CISM® exam.
Quick Access: Introduction· Why this course exists· What this course enables· Topics and areas· Value· Objectives· Target audience· Prerequisites· Programme· Exam & Certification· Other information· Benefits· Logistics· FAQs· Registration
Upcoming dates
Confirmed dates.
Synchronous, live training. Interaction with the trainer and the group.
Live Online • next edition
Live Online • base price
Language: available in Portuguese or English
Training: review + original exercises by thematic area
Certification exam: 4h (150 questions) • not included
PROFESSIONAL LEVEL — practical application of methods in a professional context
Why this course exists
To develop information security management skills with method, a common language and execution capability, while also supporting preparation for the certification exam.
Many organisations depend on critical digital services but fail to ensure consistent governance, effective risk management, a sustainable security programme and incident response with evidence and continuous improvement.
The CISM® exam is associated with information security management competencies. The course helps participants consolidate knowledge and practice in the main areas assessed, through a structured preparation approach.
What this course enables you to do
Govern
Define and maintain an information security governance structure aligned with strategy, objectives and applicable requirements.
Manage risk
Apply risk management principles and practices to the security programme and support risk-based decisions.
Build the programme
Develop and manage a security programme with priorities, metrics and control over execution.
Respond to incidents
Establish and direct incident management, response and recovery, reducing impact and improving maturity.
Topics and competence areas addressed throughout the course
Exam areas publicly indicated by the certification body
Information Security Governance
Information Security Risk Management
Information Security Programme (design, execution, metrics)
Incident Management (response and recovery)
Integration with modern environments (cloud and digital operations)
Value for the organisation
- Greater consistency and credibility in Information Security management through recognised method and language.
- Stronger governance and alignment of security with business objectives and applicable requirements.
- Improved ability to assess and manage risk, prioritise controls and justify investment.
- More effective incident response, with continuous improvement and reduced operational and reputational impact.
Introduction
The CISM Exam Preparation Course is professional training in Information Security management and governance, intended for managers and professionals who wish to prepare for the CISM® certification exam.
Develop a structured view of information security management, oriented towards leadership, planning, implementation, monitoring and evaluation, while supporting preparation for the CISM® exam. The course prepares participants to assess risks, implement an effective governance model and respond to security incidents in a structured and proactive way, aligned with organisational objectives.
The CISM Exam Preparation Course addresses the main areas assessed in the exam, including Information Security Governance, Information Security Risk Management, Information Security Programme and Incident Management. Consolidation is carried out through discussion, original exercises by thematic area and Behaviour® simulation, aimed at transforming knowledge into exam performance.
The training includes proprietary support resources, guided discussion, exercises by thematic area and a final exam simulation.
This Training Plan and the associated documents are Behaviour®’s own content, protected by Copyright and registered as a literary work with IGAC.
General Objectives
At the end of this course, participants will be able to:
- Develop an information security governance structure aligned with organisational objectives.
- Establish and maintain a structure that ensures alignment between security strategy, business goals and applicable requirements.
- Apply risk management principles and practices to the information security programme.
- Identify and manage information security risks to support business objectives.
- Develop and manage an information security programme aligned with business strategy and objectives.
- Supervise and direct security activities to execute the programme.
- Establish an effective incident management programme to respond to and manage incidents.
- Develop and manage response and recovery capability for disruptive events related to security.
- Reach the exam with structured preparation in the areas publicly indicated by the certification body.
Target Audience
- Information Security managers and professionals.
- Security directors.
- Security officers.
- Security consultants and professionals.
- Cybersecurity managers and professionals.
- Executive and operational managers.
- IS/IT consultants.
- Candidates for the certification exam.
Prerequisites
To attend this course, participants are recommended to:
- Have fundamental knowledge of information security, risk management and the areas assessed in the exam, as well as understanding of English to follow the associated terminology.
- Other specific requirements may apply, where relevant, depending on the quotation or proposal presented (please consult the proposal).
Programme
Review by competence areas
- Introduction and Course Plan
- Information Security Governance
- Information Security Risk Management
- Information Security Programme
- Incident Management
Exam Preparation (simulation)
- Exam preparation: Behaviour® simulation
- Original practical questions, with correction and explanation of reasoning
Exam(s) and Certification
Certification exam
The certification exam is not included in the course price. Registration, scheduling, delivery, eligibility requirements, certification decision and issuance of the certification are managed directly by the certification body, in accordance with its rules in force. The course does not include the exam, voucher, official materials or certification application process.
Certification requirements
Other Information
General Information
- Training available in Portuguese or English.
- Behaviour® proprietary support materials, made available online, with original exercises by thematic area and consolidation resources, according to the awarded conditions.
- Behaviour® exam simulation on the last day of training.
- Behaviour® digital Training Attendance Certificate, with indication of 35 CPD/CPE credits awarded by Behaviour®.
Trainer(s)
Benefits
View benefits
- Normalisation of language, criteria and practices in Information Security management, reducing ambiguity and increasing consistency.
- Strengthened professional and organisational credibility with clients, suppliers, external audits and governance functions.
- Practical capability to direct governance, risk, programme and incident management, with immediate applicability.
- Structured preparation for the certification exam, with review by competence areas and Behaviour® simulation.
- Pedagogical model oriented towards effective competence acquisition, active participation and meaningful learning.
Logistics
Useful information
- Live Online (synchronous time): 09h30–17h30 (Lisbon time), with lunch break and short breaks.
- Classroom (synchronous time): 09h30–17h30 (Lisbon time), with lunch break and short breaks.
- 28 hours of synchronous training, distributed across 4 consecutive days.
- Estimated 7 hours of guided autonomous work, intended for content consolidation, carried out flexibly outside the synchronous sessions.
- Requirements: computer with stable internet, browser, PDF reader, audio/video.
Hotels in Lisbon
Find out where you can stay in Lisbon, near Behaviour, for classroom training.
Frequently Asked Questions
Objective answers to common questions about this CISM Exam Preparation Course.
Is this course useful for professionals who already work in information security but have not yet held formal management roles?
Does the course only help prepare for the exam, or does it also consolidate a management view applicable in real organisational contexts?
Can professionals who already hold other information security certifications benefit from this course?
Can this course be relevant for organisations that want to strengthen security management maturity, even without an immediate individual certification objective?
Is the course suitable for those who want to structure the connection between security, risk and business objectives?
For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.
Registration
Complete the form to request your registration for the preferred edition. Check the upcoming dates.
Training delivered by a certified training provider (processes and quality). See DGERT framework.
Request more information
If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable path.
Companies: request a proposal
For team registrations, we provide volume conditions and a proposal tailored to the organisational need.
This course may be attended by individual professionals. It may also be integrated into capability development paths for professionals with responsibilities in Information Security management, implementation and monitoring.