
Liviu Munteanu

My Journey for The ISACA CISM CERTIFICATION

How You Can Pass the CISM Exam on Your First Try

My Background
Even though not mandatory, my practical experience in the field of information security has given me a valuable edge in overcoming the CISM exam challenge.
CISSP Certified
5+ Years Information Security Hands-On Experience
5+ Years Network Security Hands-On Experience
1.5 Years Incident Response Hands-On Experience
3+ Years Cyber Security Architecture Hands-On Experience

MAIN Steps
From Zero to CISM Certified

1. Understand What is Expected
2. Register For The CISM Exam
3. Study & Practice
4. Pass Exam
5. The Hands-On Experience
6. Become ISACA CISM Certified

Step 1
Understand What is Expected

Before doing anything, carefully go through the ISACA Exam Candidate Guides.

These guides provide you with important information about the exam structure, content, registration, fees, policies, and procedures.

The guides also include tips and resources to help you study effectively and efficiently.

By reading these guides, you will have a clear understanding of what to expect from the exam and how to plan your preparation accordingly.

Step 2
Register for the CISM Exam

This is the most straightforward step.

However, it plays a crucial role in your exam preparation, as it will enable you to prioritize study activities and avoid procrastination.

Based on my experience, you would require at least two months for going through the study material, while working a full-time role.

You need to register for the exam at least five days before your preferred testing date.

You can reschedule or cancel your exam appointment up to 48 hours before.

Based on your location, you can schedule the exam in a testing center or you can choose remote proctoring.

Step 3
Study & Practice

We all have our own unique learning styles and preferences.

In the next pages, I will share how I studied for the CISM exam.

However, for optimal results, I recommend that you tailor your learning style according to your personality and preferences.

Links to the study materials I have used are available in this post's content.

My Study Plan
1. Thor's CISM Course on Udemy, CBT Nuggets Videos & Pete's CISSP Video
2. Luke Ahmed Materials
3. Create and listen to the audio version of the CISM Study Guide Chapter Summaries (done this while commuting to work or while exercising) - AI to the rescue
4. Take the CISM QAE Database practice questions
5. Review the CISM QAE Database practice questions - focus on the ones answered wrong
6. Take the CISM QAE Database practice exams - no target score
7. Review the CISM QAE Database practice exam questions - focus on the ones answered wrong
8. Repeat steps 4 & 5
9. Retake the CISM QAE Database practice exams (after at least 2 weeks from the initial tests) - target score >85%
10. If target score reached: stand for the exam; else: reschedule the exam

I started with Thor's CISM Practice Test available on Udemy. This helped with an initial assessment of my knowledge.

Based on the results of this assessment, I prepared my study plan.

The link to Thor's Practice Test is available in the post content.

Once I had scheduled the exam and created the study plan, I started to watch and listen to the video courses.

While commuting or exercising I listened to either the CBT Nuggets Videos, Pete's CISSP course on YouTube, or the audio version of the CISM AIO Chapter Summaries.

I tried to read the CISM AIO Guide but after going through half of it, I gave it up.

I used the CISM and CISSP guides just for clarifying different concepts that appeared in the QAE practice questions.

After finishing the videos, I started working on the practice tests, as mentioned in the plan.

I focused mostly on the Difficult and Expert level questions and explanations. This helped me a lot during the exam.

After going through the practice exams for the second time, I scored 93% & 89%, so I decided to take the exam as scheduled.

On the weekend before the exam, I read Luke's book and watched his YouTube video. Also, I have reviewed the last batch of QAE questions that I had answered wrong.

Step 4
Pass Exam

I opted for the Remote Proctoring version, as there are no PSI test centers in Romania.

On the day before the exam, I did some risk management.

Taking such an exam from home involves different risks, which you would not face in a testing center: power outages, loss of internet connectivity, and insufficient bandwidth.

I decided to use my mobile phone (hotspot) for Internet connectivity, to avoid any power outage that might affect my local WiFi network.

Also, I have decided to keep my phone connected to a power bank, to make sure that my battery does not run out during the exam.

I tested my laptop with the PSI connectivity test and made sure that everything works as expected.

For remote proctoring, you will need a web camera capable of a 360-degree view of the exam room. The camera from your laptop will not be enough.

I found the best place for my web camera and tested it against the PSI requirements.

After testing the camera, I made sure that my laptop had a fully charged battery.

I had my CISM exam scheduled early in the morning - 08:00 AM. My mind works better in the morning.

For the best results, you should schedule your exam according to your biological rhythm.

At 07:30 AM my exam was unlocked and I installed the PSI browser.

Once the browser was installed, the remote proctor started the specific identification process. Also, the proctor asked me to show:
a 360-degree view of my room
a view of my laptop's keyboard
a view from under my laptop and mouse pad
a view from under my desk

After checking the environment, I was asked to place my phone away from my desk, out of reach.

After the verification process, the proctor unlocked my exam.

You are allowed to take 2 breaks, each break no longer than 10 minutes. During the breaks, the exam timer does not stop.

I finished the exam ahead of time and I had enough time to go through all the flagged questions, before submitting it.

After submitting the exam, I received a partial result mentioning that I passed. I received the official score after 10 business days.

Step 5
The Hands-On Experience

To become CISM Certified you would need at least 5 years of hands-on experience in 3 of the 4 CISM Job Practice Domains:

1. Information Security Governance
2. Information Security Risk Management
3. Information Security Program
4. Incident Management

I have gained extensive exposure to the CISM Job Practice Domains while working at the RO Navy HQ.

Here I have dealt with various aspects of information security such as:
legal & regulatory compliance
organizational infosec culture
governance structures
roles and responsibilities
strategy development and planning
infosec budget allocation decisions
risk management

I have gained most of my Infosec Technical Hands-On experience in the private sector, working in roles like:
network security engineer
infosec analyst/officer
network consultant
cyber security architect/engineer
cyber security consultant

These roles helped me understand concepts like cryptography, network security troubleshooting, and cyber security architecture best practices.

As previously stated, practical experience is not a prerequisite for passing the CISM exam, but it can greatly enhance your comprehension of the specific concepts and the underlying implications of managing Information Security Systems.

In order to become CISM Certified, you can gain the requested experience either before (10 years prior interval) or after passing the CISM exam.

Step 6
Become ISACA CISM Certified

10 business days after passing the CISM Exam, you will receive the official score from ISACA.

You are now eligible for the CISM Certification.

Presuming that you have the needed hands-on experience, here are the steps to become certified.

1. Pay the Certification Application Fee
2. Fill in the PDF forms for the specific experience.
3. Submit your CISM Certification Application
4. Once your application has been reviewed, you will be informed that you have become CISM Certified - presuming that you have satisfied the CISM hands-on experience condition.

1. Understand What is Expected
2. Register For The CISM Exam
3. Study & Practice
4. Pass Exam
5. The Hands-On Experience
6. Become ISACA CISM Certified