By Madalina

We are more than happy to announce  that our colleague, Alexandru Armean received the CISM (Certified Information Security Manager) certification.

This CISM is an international IT certification management focused, that is for professionals that design, build and manage companies information security programs.

According to ISACA (Information Systems Audit and Control Association) this “CISM certification promotes international security practices and recognises the individual who manages, designs, and oversees and assesses an enterprise’s information security.”

Alexandru Armean is a IT Security Manager with over 15 years of experience in Cyber Security at companies of different sizes with projects completed world wide.

Without further or do, Alexandru was happy to answer to some questions about this certification and share his 

experience with us.

Check the interview below:

  1. Alexandru, congratulations for the CISM certification! I know this haven’t been easy to receive, and the work must have been quite a lot. Can you explain me more about what this certification means?

The CISM certification is a US-centric certification for individuals involved in the management of Cyber Security risk. A person with CISM has the necessary abilities to guide a company towards the right actions in the current environment of high Cyber Risk and significant regulatory changes.

2.Why did you decide to pursue the CISM certification?

CISM was brought to my attention at one of the companies I worked since the leadership was based in the US and we had a vision of certifying the knowledge of the complete cyber security team. CISM offered a unique solution for certifying management competence by verifying the knowledge (written exam), experience (at least 5 years) and trustworthiness (written recommendation).

3. How does the CISM certification help you in your work?

Until CISM I had to rely on experience and hints from industry standards for guidance regarding the decision making framework. After learning for CISM, I was very glad to have a better structure for all the experience I have gathered up until that point. For example, when I have to define the roles and responsibilities of different members of an organisation (from top management to individual contributors), I used to follow hands-on experience from past organisations, but the CISM training offered clear statements regarding the roles different organisation members have related to Cyber Security Risk. 

4. How does this certification influence the performance of the team?

By offering clear guidelines in our projects regarding the scope of our work and by showing our clients that we offer consulting from a state of experience and competence. The team relies on me to offer clear statements regarding ownership of Cyber Security topics and the clients, usually senior manager and company owners, appreciate somebody who can relate Cyber Risk to Business Objectives.

5. How does the CISM certification help you for evolving the cybersecurity challenges?

To maintain the CISM certification you have to provide annual proof that you are active in the field of Cyber Security. I think that this fact combined with the community around ISACA, the organisation issuing the certification, is a good solution for being on top of current challenges.

Be sure to send your congratulations on Alexandru’s LinkedIn account.