› Certifications · compare
Compare certifications
Pick up to 3 certifications and compare them side-by-side on cost, exam format, recertification, salary signal, quality, and domain coverage.
EC-Council · leadership
CCISOCertified Chief Information Security Officer
Executive leadership — governance, program mgmt, finance, and strategic planning for security.
Official pageISACA · leadership
CISMCertified Information Security Manager
Security program management, risk, governance, and incident governance. The manager / CISO-track signal.
Official pageComparing
EC-CouncilCCISO
ISACACISM
› Cost
Exam fee
CCISO$999
CISM$760
Exam fee
$999
$760
Annual maintenance fee
CCISO—
CISM$45/yr
Annual maintenance fee
—
$45/yr
3-year cost of ownership
CCISO$999
CISM$895
3-year cost of ownership
$999
$895
› Exam mechanics
Pass mark
CCISO72% (scaled)
CISM450/800 (scaled)
Pass mark
72% (scaled)
450/800 (scaled)
Retake policy
CCISO$999 fee · 30d wait
CISM$575 fee · 30d wait · 4/yr cap
Retake policy
$999 fee · 30d wait
$575 fee · 30d wait · 4/yr cap
Study time
CCISO80–160 hrs
CISM100–200 hrs
Study time
80–160 hrs
100–200 hrs
Validity
CCISO3 yrs
CISM3 yrs
Validity
3 yrs
3 yrs
CPE / yr
CCISO40 CPEs
CISM40 CPEs
CPE / yr
40 CPEs
40 CPEs
Delivery
CCISOonline proctored
CISMtest center
Delivery
online proctored
test center
› Salary signal (US base)
Range
CCISO$180K – $320K
CISM$130K – $190K
Range
$180K – $320K
$130K – $190K
Median
CCISO$225,000
CISM$155,000
Median
$225,000
$155,000
Premium %
CCISO—
CISM+11%
Premium %
—
+11%
Role context
CCISOCISO / Deputy CISO, US, 10+ years. Very wide range — depends on company size.
CISMInformation security manager / director, US, 5+ years.
Role context
CISO / Deputy CISO, US, 10+ years. Very wide range — depends on company size.
Information security manager / director, US, 5+ years.
› Quality (4-axis rubric · 0–10)
Schema quality
CCISO3.5
CISM9.0
Schema quality
3.5
9.0
Practice evidence
CCISO1.0
CISM1.0
Practice evidence
1.0
1.0
Maintenance
CCISO3.0
CISM8.5
Maintenance
3.0
8.5
Market recognition
CCISO3.5
CISM9.0
Market recognition
3.5
9.0
Average
CCISO2.8
CISM6.9
Average
2.8
6.9
› Recognition & lifecycle
Recognition
CCISOGlobal · US
CISMGlobal · US · EU · UK · DACH
Recognition
Global · US
Global · US · EU · UK · DACH
ISO 17024 accredited
CCISO—
CISM✓
ISO 17024 accredited
—
✓
DoD 8140 baseline
CCISO✓
CISM✓
DoD 8140 baseline
✓
✓
Holders worldwide
CCISO4,000
CISM70,000
Holders worldwide
4,000
70,000
Current version
CCISO2024 BoK (2024-01)
CISM2022 job-practice analysis (2022-06)
Current version
2024 BoK (2024-01)
2022 job-practice analysis (2022-06)
› Domain coverage
A1Governance, Risk & Compliance
CCISO● core
CISM● core
A1Governance, Risk & Compliance
● core
● core
A11Detection Engineering & Threat Hunting
CCISO·
CISM⚠ gap
A11Detection Engineering & Threat Hunting
·
⚠ gap
A12Data Security, Privacy & Protection
CCISO○ touched
CISM○ touched
A12Data Security, Privacy & Protection
○ touched
○ touched
A13Supply Chain Security
CCISO·
CISM○ touched
A13Supply Chain Security
·
○ touched
A18Security Leadership
CCISO● core
CISM● core
A18Security Leadership
● core
● core
A25Security Architecture & Engineering
CCISO○ touched
CISM○ touched
A25Security Architecture & Engineering
○ touched
○ touched
A4Application Security
CCISO·
CISM⚠ gap
A4Application Security
·
⚠ gap
A5Cloud Security
CCISO·
CISM⚠ gap
A5Cloud Security
·
⚠ gap
A7Incident Response & Forensics
CCISO·
CISM● core
A7Incident Response & Forensics
·
● core
A9Penetration Testing & Red Teaming
CCISO·
CISM⚠ gap
A9Penetration Testing & Red Teaming
·
⚠ gap
B1AI-Powered Threat Detection
CCISO·
CISM⚠ gap
B1AI-Powered Threat Detection
·
⚠ gap
C1Adversarial Machine Learning
CCISO·
CISM⚠ gap
C1Adversarial Machine Learning
·
⚠ gap
C7AI Governance & Risk
CCISO○ touched
CISM·
C7AI Governance & Risk
○ touched
·
Browse the full catalog or open any one of these on its detail page for full study materials, peer comparisons, and lifecycle notes.