Prime Learning

CISM blueprint

CISM exam domains

The ISACA blueprint defines 4 domains for June 2022 exam content outline.
View practice test Certification overview
ProviderISACA
Exam codeCISM
Exam standardJune 2022 exam content outline
Domains4

How to use the exam blueprint

Treat every domain as a required area of competence, then use its linked objectives to define exactly what to learn and practice. Published weights indicate relative exam emphasis, not permission to ignore lower-weight areas.

Prepare by objective and decision

Review the knowledge behind each objective, apply it in scenarios or practical work, and use targeted questions to test the decision being measured. Move to timed simulation only after the complete blueprint has been covered.

17% of blueprint / 1 objectives

Information Security Governance

Covers Establish and maintain information security governance and strategy..

20% of blueprint / 1 objectives

Information Security Risk Management

Covers Direct information security risk identification, assessment, response, monitoring, and reporting..

33% of blueprint / 1 objectives

Information Security Program

Covers Develop and manage an information security program aligned to strategy..

30% of blueprint / 1 objectives

Incident Management

Covers Establish and direct incident readiness, response, recovery, and improvement..