Information Security Management Professional (ISMP)


The ISMP exam is offered by (ISC)² and assesses your knowledge and skills in managing and securing information systems. To earn the CISSP-ISSMP certification, you must pass the computer-based exam, which consists of 125 multiple-choice questions with a 225-minute testing window.

Exam Syllabus:

The ISMP exam syllabus is divided into four domains, each weighted according to its importance on the exam:

Domain 1: Information Security Governance (28%)
⚫ Security Policy and Standards
⚫ Security Risk Management
⚫ Security Program Management
⚫ Business Continuity and Disaster Recovery Planning
⚫ Legal and Compliance Considerations

Domain 2: Security Architecture and Engineering (22%)
⚫ Security Architecture Principles
⚫ Secure Design Principles
⚫ Identity and Access Management
⚫ Secure Network Architecture
⚫ Secure Data Management

Domain 3: Security Operations (28%)
⚫ Security Monitoring and Analysis
⚫ Incident Response and Handling
⚫ Security Operations Automation
⚫ Security Assessment and Testing
⚫ Vulnerability Management

Domain 4: Security Workforce Development (22%)
⚫ Security Awareness and Training
⚫ Personnel Security
⚫ Security Skills and Knowledge Requirements
⚫ Workforce Development Programs
⚫ Measuring Security Awareness and Skills

Exam Pattern:
⚫ The exam is multiple-choice, with four answer options for each question.
⚫ There is no negative marking.
⚫ The passing score is 700 on a scale of 450-850.
⚫ The exam language is English, although Japanese may be available at some testing centers.

Additional Resources:
⚫ (ISC)² CISSP-ISSMP Certification: https://www.isc2.org/training/online-self-paced/issmp-online-self-paced
⚫ ISC2 CISSP-ISSMP Exam Syllabus: https://www.isc2.org/certifications/issmp/issmp-self-study-resources
⚫ ISC2 CISSP-ISSMP Practice Tests: https://community.isc2.org/t5/Exam-Preparation/CISSP-Official-ISC-2-Practice-Tests/td-p/35406