ISACA's Certified Information Security Manager (CISM) requires 120 Continuing Professional Education (CPE) hours over a 3-year cycle plus a 20-CPE annual floor — same structure as CISA but with a management-domain focus.
Recommended paths
If you were starting fresh
CPE TOTAL
120.0
COST
$0
TIME
86 hrs
ACTIVITIES
38
Closes the 120.0 CPE gap with 38 activities — free content where possible, paid where the credits-per-dollar are strong.
Cybersecurity Compliance Framework, Standards & Regulations
Self-paced · Coursera · Free
Implement retention, eDiscovery, and Communication compliance in Microsoft Purview
Self-paced · Microsoft Learn · 7 hr 50 min · Free
Create detections and perform investigations using Microsoft Sentinel
Self-paced · Microsoft Learn · 6 hr 34 min · Free
Implement Microsoft Purview Information Protection
Self-paced · Microsoft Learn · 6 hr 16 min · Free
Design security operations, identity, and compliance capabilities
Self-paced · Microsoft Learn · 6 hr 24 min · Free
Enhance security operations by using Microsoft Security Copilot
Self-paced · Microsoft Learn · 6 hr 12 min · Free
AZ-400: Implement continuous feedback
Self-paced · Microsoft Learn · 5 hr 4 min · Free
Secure, optimize, and deploy database solutions
Self-paced · Microsoft Learn · 7 hr 31 min · Free
Configure SIEM security operations using Microsoft Sentinel
Self-paced · Microsoft Learn · 4 hr 28 min · Free
Implement and manage Microsoft Purview Insider Risk Management
Self-paced · Microsoft Learn · 3 hr 59 min · Free
Plan and implement an identity governance strategy
Self-paced · Microsoft Learn · 3 hr 23 min · Free
Implement activity and event collection in Microsoft Sentinel
Self-paced · Microsoft Learn · 3 hr 38 min · Free
Manage investigations with Microsoft Purview eDiscovery
Self-paced · Microsoft Learn · 3 hr 2 min · Free
Secure AI identity infrastructure with Microsoft Entra
Self-paced · Microsoft Learn · 3 hr 8 min · Free
Protect information in a Microsoft 365 Copilot environment using Microsoft Purview
Self-paced · Microsoft Learn · 2 hr 55 min · Free
Reduce data exposure risk with Data Security Posture Management in Microsoft Purview
Self-paced · Microsoft Learn · 2 hr 42 min · Free
AZ-305: Design identity, governance, and monitor solutions
Self-paced · Microsoft Learn · 2 hr 25 min · Free
Systems Acquisition, Development and Implementation
Self-paced · Coursera · Free
AI For Grc Analysts
Self-paced · Cybrary · Free
The Zero Trust Framework
Self-paced · Coursera · Free
AI Foundations For Compliance Professionals — edX Professional Certificate
Self-paced · edX · Free
Enforce security governance and regulatory compliance
Self-paced · Microsoft Learn · 2 hr 23 min · Free
Deploy and operate Microsoft Security Copilot
Self-paced · Microsoft Learn · 1 hr 41 min · Free
Cloud Risk Management: A CISA's Field Guide
Jun 6 · ISACA · 1 hr 30 min · Free
Cisco SecureX: Building the Integrated SOC
Self-paced · Cisco U · 1 hr 30 min · Free
Empowering Incident Response Automation
Self-paced · SANS Institute · Free
Detecting Malicious Activity Large Enterprises
Self-paced · SANS Institute · Free
Ransomware in the Wild: Lessons Learned
May 31 · BrightTALK · Free
Audit and search activity in Microsoft Purview
Self-paced · Microsoft Learn · 1 hr 34 min · Free
Securing the Future: AI, Resilience, and Evolving Cyber Roles (#3)
Oct 20 · BrightTALK · Free
AI For Incident Responders
Self-paced · Cybrary · Free
Tabletop Exercise: Ransomware Across a Hybrid Estate
Self-paced · BrightTALK · 1 hr 30 min · Free
2020 Cyber Threat Intelligence Cti Survey Results
Self-paced · SANS Institute · Free
The Impact of Artificial Intelligence on the Cybersecurity Industry: Part 2
May 31 · BrightTALK · Free
Your Sneak Peek into Cybersecurity and Business Alignment at ISC2 Security Congress 2025- #3
Sep 17 · BrightTALK · Free
Live Europe 2020 Innovation IN Risk
Self-paced · Pluralsight · Free
Everything You Need to Know about CGRC in North America
May 31 · BrightTALK · Free
NEW-LIVE Ransomware Crisis Simulation with You in Control
May 31 · BrightTALK · Free