The contemporary digital ecosystem has witnessed an unprecedented surge in cybersecurity threats, compelling organizations across diverse industry verticals to prioritize information security governance. The Certified Information Security Manager credential represents a cornerstone qualification that bridges the gap between technical expertise and strategic business acumen in the realm of information security management.
The proliferation of digital transformation initiatives has fundamentally altered the cybersecurity landscape. Organizations ranging from nascent startups to multinational conglomerates are experiencing an acute shortage of qualified information security professionals who possess both technical proficiency and managerial competencies. This scarcity has created lucrative opportunities for certified professionals who can demonstrate their expertise through internationally recognized credentials.
Recent industry analyses indicate that artificial intelligence adoption is accelerating across multiple sectors, with retail organizations leveraging predictive analytics at 71% capacity, investment banking institutions utilizing machine learning algorithms at 63% deployment rates, and approximately half of global insurance companies incorporating virtual assistant technologies into their operational frameworks. Natural language processing, image analysis, and robotic process automation are transitioning from experimental phases to mainstream implementation, with 61% of Asia-Pacific organizations classified as high-adopters of artificial intelligence technologies.
This technological evolution has created complex security challenges that require sophisticated governance frameworks and experienced professionals capable of navigating the intersection between emerging technologies and cybersecurity requirements. The CISM certification addresses these evolving needs by providing a comprehensive understanding of information security management from a business perspective rather than purely technical viewpoint.
Strategic Business Perspective of Information Security Management
The Information Systems Audit and Control Association has meticulously designed the CISM certification to emphasize the alignment between organizational business objectives and security program implementations. This strategic approach distinguishes CISM from other cybersecurity certifications that focus primarily on technical implementations without considering broader business implications.
Organizations today recognize that cybersecurity is not merely a technical consideration but a critical business enabler that can significantly impact operational efficiency, customer trust, and competitive positioning. The CISM Body of Knowledge reflects this understanding by incorporating business-oriented security management concepts that enable professionals to communicate effectively with executive leadership and translate technical security requirements into business language.
The certification has achieved remarkable growth trajectory, with ISACA surpassing the 50,000 certification milestone, establishing CISM as the second most sought-after cybersecurity certification globally, following only the CISSP credential. This achievement reflects the increasing recognition of information security management as a distinct professional discipline that requires specialized knowledge and skills.
The comprehensive curriculum encompasses four critical domains that reflect real-world challenges faced by information security managers. These domains provide a holistic understanding of security governance, risk management, program development, and incident response, enabling certified professionals to approach security challenges from multiple perspectives and develop integrated solutions that address both technical and business requirements.
Comprehensive Analysis of Professional Advantages
The CISM certification offers extensive professional benefits that extend far beyond immediate salary improvements. The credential enjoys recognition across 180 nations, creating global career mobility opportunities for certified professionals. This international recognition is particularly valuable in today’s interconnected business environment where organizations frequently operate across multiple jurisdictions and require security professionals who understand diverse regulatory requirements and cultural considerations.
Developing economies are making substantial investments in cybersecurity infrastructure, creating unprecedented opportunities for qualified professionals. India has allocated $4.5 billion toward cybersecurity system enhancements, while Brazil has committed $4 billion to similar initiatives. These investments reflect the growing recognition that cybersecurity is fundamental to economic development and competitiveness in the digital economy.
Developed nations are also significantly increasing their cybersecurity investments, with China pursuing ambitious infrastructure projects such as the Silk Road initiative spanning from Hong Kong to England, incorporating comprehensive cybersecurity measures throughout the development process. Dubai’s futuristic city planning initiatives, including protective dome technologies, demonstrate the integration of cybersecurity considerations into large-scale urban development projects.
These trillion-dollar infrastructure investments require cybersecurity professionals who can navigate complex technical, regulatory, and business requirements while managing international teams and stakeholder relationships. CISM-certified professionals possess the multidisciplinary knowledge and communication skills necessary to contribute effectively to such large-scale initiatives.
The certification positions professionals to assume various roles within the information security ecosystem, including enterprise security architecture design, security program development and maintenance, disaster recovery planning, regulatory compliance management, cost-benefit analysis of security investments, digital forensics coordination, and comprehensive information security governance oversight.
Detailed Examination Structure and Professional Pathways
The CISM examination is administered biannually during June and December, providing candidates with strategic timing options for their certification pursuits. The four-hour examination comprises 200 multiple-choice questions that assess candidates’ knowledge across four fundamental domains of information security management.
The examination domains include Information Security Governance, which evaluates understanding of organizational structures, policies, and procedures that support information security objectives. Risk Management and Compliance focuses on methodologies for identifying, assessing, and mitigating information security risks while ensuring adherence to regulatory requirements and industry standards.
Information Security Program Development and Management examines candidates’ knowledge of establishing, implementing, and maintaining comprehensive security programs that align with organizational objectives and risk tolerance levels. Incident Management evaluates understanding of processes and procedures for detecting, responding to, and recovering from security incidents while minimizing business impact and learning from experiences to improve future preparedness.
The examination utilizes a scaled scoring system with a maximum score of 800 points, requiring candidates to achieve a minimum score of 450 points to successfully pass. This scoring methodology ensures that successful candidates demonstrate comprehensive understanding across all domains rather than excelling in specific areas while lacking knowledge in others.
Career progression opportunities for CISM-certified professionals follow predictable advancement patterns based on experience levels and demonstrated competencies. Entry-level positions include systems analyst roles, security designer trainees, and security auditor trainees, providing foundational experience in various aspects of information security management.
Technical specialist positions represent the next career advancement tier, encompassing security consultant roles, senior security auditor positions, and experienced security designer responsibilities. These positions require deeper technical knowledge combined with project management and client interaction skills.
Managerial positions include account sales manager roles, project manager responsibilities, program manager positions, and product manager functions. These roles require strong leadership capabilities, business acumen, and the ability to translate technical requirements into business value propositions.
Executive-level positions represent the pinnacle of career advancement for CISM professionals, including Chief Information Officer roles, Chief Operating Officer positions, Chief Audit Officer responsibilities, IT Security Director functions, and Systems and Infrastructure Consultant positions. These roles require comprehensive understanding of business strategy, regulatory requirements, and technology trends.
Comprehensive Study Resources and Preparation Materials
The official CISM Review Manual represents the foundational study resource for certification preparation. Available through ISACA for approximately $135 including shipping via UPS, this comprehensive 350-page publication provides structured coverage of all examination domains through a two-section format for each domain.
The first section of each domain provides conceptual overviews and contextual information, while the second section delivers detailed technical content and practical implementation guidance. The manual includes domain definitions and task and knowledge statements that provide analytical frameworks for understanding domain requirements and interconnections.
The structured approach enables candidates to develop comprehensive understanding progressively, beginning with foundational concepts and advancing to complex implementation scenarios. The manual incorporates real-world case studies and examples that illustrate practical applications of theoretical concepts, bridging the gap between academic knowledge and professional practice.
Supplementary study materials can enhance preparation effectiveness, though experts recommend maintaining focus on official ISACA resources to ensure alignment with examination objectives and current industry standards. Third-party materials may provide alternative perspectives and additional practice opportunities but should complement rather than replace official study resources.
Detailed Financial Investment Analysis
The comprehensive financial investment required for CISM certification encompasses multiple components that contribute to preparation effectiveness and examination success probability. Understanding these cost elements enables candidates to develop realistic budget expectations and optimize their investment strategies.
Annual ISACA membership represents a strategic investment that provides significant cost savings across multiple certification activities. The $170 annual membership fee unlocks substantial discounts on study materials, examination registration, and continuing professional education requirements.
Membership benefits include reduced certification maintenance fees of $45 annually compared to $85 for non-members, representing immediate cost savings that justify the membership investment. Additionally, members receive $185 discounts on study materials and event registrations, creating additional value for active certification pursuers.
Online registration provides 75% discount opportunities for members, significantly reducing examination costs and improving accessibility for candidates in diverse geographic locations. This discount structure demonstrates ISACA’s commitment to making certification accessible while maintaining quality standards.
The official CISM Review Course offered by ISACA provides structured learning experiences for $795, delivering expert instruction and interactive learning opportunities that complement self-study efforts. This investment is particularly valuable for candidates who benefit from structured learning environments and expert guidance.
The Review Questions, Answers, and Explanations database subscription provides 12 months of access to practice questions and detailed explanations for $299 for members and $399 for non-members. This resource enables candidates to assess their knowledge retention and identify areas requiring additional study focus.
Alternative practice test options include third-party providers such as Certkiller, offering practice examinations for approximately $100 with three-month validity periods. These resources provide additional practice opportunities and different question formats that can enhance examination preparedness.
The examination registration fee of $575 represents the direct cost of taking the certification examination. This fee covers examination development, administration, scoring, and results reporting services provided by ISACA.
Complete Investment Breakdown and Ongoing Maintenance Requirements
The total initial investment for CISM certification encompasses several essential components that collectively represent a significant professional development investment. ISACA membership costs $170 annually and provides substantial long-term value through various discounts and member benefits.
Study materials including the official review manual cost approximately $120, providing comprehensive coverage of all examination domains and serving as ongoing reference resources throughout professional practice. The online CISM review course represents a $795 investment that delivers structured learning experiences and expert instruction.
The review database subscription costs $299 for members, providing extensive practice question access and detailed explanations that enhance understanding and examination preparedness. Examination registration requires $575, covering all administrative and scoring services.
The total initial investment approximates $1,959, representing a substantial commitment to professional development that reflects the certification’s value and recognition within the cybersecurity community. This investment compares favorably to advanced degree programs while providing immediately applicable professional credentials.
Ongoing certification maintenance requires annual fees of $135 for certified professionals, ensuring continued access to updated resources and maintaining certification validity. This maintenance fee supports ongoing curriculum development, industry research, and professional community activities.
Continuing Professional Education requirements necessitate participation in training events and professional development activities that typically cost $700-$850 annually, depending on event selection and participation levels. These activities provide 21-32 CPE hours and ensure certified professionals maintain current knowledge of evolving industry practices and emerging threats.
Virtual Instructor-Led Training sessions offer advanced learning opportunities for $200-$1,150, depending on session duration and curriculum complexity. These sessions provide 4-32 CPE hours and deliver expert instruction on specialized topics relevant to information security management.
Strategic Career Investment Considerations and Success Factors
The substantial financial investment required for CISM certification necessitates careful consideration of career objectives, current experience levels, and expected return on investment. Industry experts consistently recommend that candidates possess significant practical experience before pursuing advanced certifications to maximize success probability and career advancement potential.
The certification examination maintains rigorous standards with approximately 25% pass rates, reflecting the comprehensive knowledge requirements and high professional standards maintained by ISACA. This selectivity ensures that certified professionals represent the top tier of information security management practitioners.
Successful candidates typically demonstrate several common characteristics including extensive practical experience in information security management, comprehensive understanding of business operations and objectives, strong communication skills for interacting with diverse stakeholders, and disciplined study habits that enable mastery of complex technical and business concepts.
The Computer Adaptive Testing format increases examination difficulty by adjusting question complexity based on candidate responses, requiring thorough preparation across all domains rather than focusing on specific areas of expertise. This format ensures that successful candidates demonstrate comprehensive competency rather than narrow specialization.
Time management during the examination represents a critical success factor, as candidates must complete 200 questions within four hours while maintaining accuracy and avoiding careless errors. Effective preparation includes practicing under timed conditions and developing strategies for managing examination anxiety and fatigue.
Current Cybersecurity Employment Landscape and Future Projections
The cybersecurity employment ecosystem has undergone transformative expansion, propelled by escalating digital threats, stringent compliance mandates, and comprehensive organizational digitization strategies across diverse industrial verticals. Modern enterprises increasingly perceive information security as a fundamental business catalyst rather than a traditional operational expense, generating substantial demand for specialized practitioners capable of harmonizing technical proficiency with strategic business acumen.
Contemporary threat vectors have evolved exponentially in sophistication, complexity, and potential impact, necessitating advanced security frameworks and specialized expertise. Organizations worldwide are confronting unprecedented challenges from state-sponsored attacks, advanced persistent threats, ransomware campaigns, and sophisticated social engineering schemes. This evolving threat landscape has created an insatiable appetite for qualified cybersecurity professionals who possess comprehensive understanding of risk management principles, security architecture design, and incident response methodologies.
The digital transformation acceleration experienced across industries has fundamentally altered organizational security requirements. Cloud migration initiatives, remote workforce adoption, Internet of Things device proliferation, and artificial intelligence integration have expanded attack surfaces dramatically, creating complex security challenges that demand specialized knowledge and experience. These technological shifts have generated numerous specialized career pathways within cybersecurity, from cloud security architecture to artificial intelligence security governance.
Regulatory compliance requirements continue expanding globally, with frameworks such as GDPR, CCPA, HIPAA, SOX, and emerging legislation creating mandatory security program implementation across organizations. These compliance obligations have generated substantial demand for professionals who understand regulatory requirements, can design compliant security programs, and can demonstrate organizational adherence to security standards through comprehensive documentation and reporting.
Compensation Structure for Entry-Level CISM Professionals
Entry-level opportunities for CISM-certified professionals present compelling compensation packages, with baseline annual salaries typically commencing around $90,000, reflecting the immediate organizational value derived from certified expertise. These positions represent strategic investments by organizations seeking to strengthen their security posture through qualified professional recruitment, recognizing that certification demonstrates commitment to professional excellence and comprehensive knowledge acquisition.
The substantial starting compensation reflects market recognition of CISM certification rigor and the comprehensive knowledge requirements necessary for successful completion. Organizations understand that CISM-certified professionals possess validated expertise in information security governance, risk management, incident response, and security program development, enabling immediate contribution to organizational security objectives without extensive additional training requirements.
Entry-level CISM positions typically encompass diverse responsibilities including security policy development, vulnerability assessment coordination, compliance monitoring, incident response support, and security awareness program implementation. These roles provide exceptional opportunities for professional growth while applying theoretical certification knowledge within practical organizational contexts, accelerating skill development and career advancement potential.
Career progression opportunities from entry-level positions are typically accelerated for CISM-certified professionals, with organizations recognizing certification value through rapid advancement opportunities, expanded responsibilities, and enhanced compensation growth trajectories. Many organizations maintain structured career development programs specifically designed for certified professionals, providing mentorship, advanced training opportunities, and clear advancement pathways.
The comprehensive nature of CISM certification preparation ensures that entry-level professionals possess foundational knowledge across critical security domains, including governance frameworks, risk assessment methodologies, incident management processes, and business continuity planning. This broad knowledge base enables versatile contribution across multiple organizational security initiatives while developing specialized expertise in specific areas of interest.
Advanced Professional Compensation and Career Advancement
Experienced cybersecurity professionals holding CISM certification combined with substantial practical experience command exceptional compensation packages, frequently exceeding $156,000 annually, with comprehensive benefit structures including performance bonuses, equity participation, and additional incentive mechanisms. These elevated compensation levels directly correlate with the scarcity of qualified professionals and the critical importance of information security management to organizational survival and success.
Senior-level positions encompass strategic responsibilities including enterprise security architecture design, organizational risk management leadership, regulatory compliance oversight, and cross-functional collaboration with executive leadership teams. These roles require sophisticated understanding of business operations, strategic planning capabilities, and the ability to communicate complex security concepts to non-technical stakeholders effectively.
The compensation premium for experienced CISM professionals reflects their ability to provide immediate value through established expertise, proven track records, and comprehensive understanding of industry best practices. Organizations recognize that experienced professionals can navigate complex security challenges, implement sophisticated security programs, and provide strategic guidance that directly impacts organizational resilience and competitive advantage.
Career advancement opportunities for experienced CISM professionals extend beyond traditional employment structures, with many professionals transitioning to executive leadership roles such as Chief Information Security Officer, Chief Risk Officer, or Chief Technology Officer positions. These executive opportunities typically include substantial base compensation, equity participation, and comprehensive benefit packages reflecting the strategic importance of security leadership.
Consulting opportunities represent significant income augmentation potential for experienced CISM professionals, with specialized expertise commanding premium hourly rates for project-based engagements. Many professionals develop hybrid career models combining traditional employment with selective consulting engagements, maximizing income potential while maintaining professional flexibility and diverse experience acquisition.
Geographic Compensation Variations and Market Dynamics
Geographic location substantially influences cybersecurity compensation expectations, with major metropolitan centers and established technology ecosystems typically offering premium compensation packages designed to attract and retain qualified professionals within competitive talent markets. Cities such as San Francisco, New York, Washington D.C., Seattle, and Boston consistently demonstrate elevated salary ranges reflecting higher living costs and concentrated demand for cybersecurity expertise.
Technology hubs benefit from dense concentrations of organizations requiring sophisticated security capabilities, creating competitive talent markets that drive compensation levels upward through supply and demand dynamics. These markets often feature multiple organizations competing for limited qualified professionals, resulting in aggressive recruitment strategies and comprehensive compensation packages designed to differentiate employment opportunities.
The remote work revolution has fundamentally altered geographic compensation dynamics, enabling professionals to access premium compensation opportunities regardless of physical location while maintaining lower living costs in more affordable regions. Many organizations have adopted location-agnostic compensation strategies, recognizing that cybersecurity expertise transcends geographic boundaries and that remote professionals can provide equivalent value to their on-site counterparts.
International opportunities have expanded significantly for CISM-certified professionals, with global organizations seeking expertise to establish security programs across diverse regulatory environments and cultural contexts. These international assignments often include substantial compensation premiums, relocation assistance, and additional benefits designed to attract qualified professionals to challenging assignments.
Regional specialization opportunities exist within specific geographic markets, with certain locations developing expertise concentrations in particular security domains such as financial services security, healthcare security, or government security. These specialization clusters often command premium compensation due to concentrated demand and specialized knowledge requirements.
Industry-Specific Compensation Patterns and Opportunities
Financial services organizations consistently offer premium compensation packages for CISM-certified professionals due to stringent regulatory requirements, high-value asset protection needs, and sophisticated threat targeting. The sector’s heavy regulation through frameworks such as PCI-DSS, Basel III, and various banking regulations creates substantial demand for professionals who understand both security principles and financial industry compliance requirements.
Healthcare organizations have experienced dramatic security investment increases driven by HIPAA compliance requirements, electronic health record adoption, and increasing cyber threat targeting. The sector’s unique combination of sensitive personal information, life-critical systems, and complex regulatory environment creates substantial demand for specialized security expertise, resulting in competitive compensation packages for qualified professionals.
Government sector opportunities encompass federal, state, and local agencies requiring security clearances and specialized knowledge of government security frameworks. These positions often provide exceptional job security, comprehensive benefit packages, and unique opportunities to work on national security initiatives, though compensation levels may be moderated by public sector budget constraints.
Technology companies represent significant opportunities for CISM professionals, offering competitive compensation, equity participation, and exposure to cutting-edge security challenges. These organizations typically maintain sophisticated security programs requiring advanced expertise and innovative approaches to emerging threats, creating opportunities for professional growth and technical advancement.
Consulting firms provide exceptional income potential for experienced CISM professionals willing to accept project-based work arrangements and travel requirements. These opportunities often command premium hourly rates and provide exposure to diverse organizational challenges, accelerating professional development while maximizing income potential.
Market Demand Drivers and Future Outlook
Digital transformation initiatives continue accelerating across industries, driven by competitive pressures, operational efficiency requirements, and changing consumer expectations. These transformations create expanded attack surfaces and complex security challenges requiring specialized expertise to address effectively, generating sustained demand for qualified cybersecurity professionals.
Emerging technologies such as artificial intelligence, machine learning, quantum computing, and advanced automation systems introduce novel security considerations requiring specialized knowledge and innovative approaches. Organizations implementing these technologies require security professionals who understand both traditional security principles and emerging technology implications, creating opportunities for specialized expertise development.
Regulatory environment evolution continues generating new compliance requirements and expanded security obligations across industries. Privacy legislation such as GDPR and CCPA has established precedents for comprehensive data protection requirements, with additional legislation expected to expand organizational security obligations further, creating sustained demand for compliance expertise.
Cloud adoption acceleration has fundamentally altered organizational infrastructure and security requirements, creating demand for professionals who understand cloud security architecture, shared responsibility models, and multi-cloud security management. These specialized skills command premium compensation due to their critical importance to organizational cloud strategies.
The cybersecurity skills shortage continues expanding despite increased educational program availability and professional certification opportunities. Industry estimates suggest millions of unfilled cybersecurity positions globally, creating exceptional opportunities for qualified professionals and sustaining upward pressure on compensation levels across all experience levels.
Professional Development and Certification Value Proposition
CISM certification represents substantial professional investment demonstrating commitment to excellence and comprehensive knowledge acquisition across critical security domains. The certification’s focus on management-level responsibilities and strategic security thinking aligns with organizational needs for security professionals who can bridge technical and business perspectives effectively.
Continuing education requirements associated with CISM certification ensure that certified professionals maintain current knowledge of evolving threats, emerging technologies, and regulatory changes. This ongoing learning commitment provides sustained value to organizations while supporting individual professional development and career advancement opportunities.
The certification’s global recognition enables professional mobility across geographic markets and industry sectors, providing flexibility for career development and compensation optimization. Many organizations specifically seek CISM-certified professionals for senior security positions, recognizing the certification’s rigorous requirements and comprehensive knowledge validation.
Professional networking opportunities associated with CISM certification provide access to peer knowledge sharing, industry insights, and career advancement opportunities. Certified professionals often participate in professional organizations, industry conferences, and specialized training programs that enhance expertise while expanding professional networks.
Strategic Career Planning and Compensation Optimization
Successful cybersecurity career development requires strategic planning that balances technical skill development, business acumen acquisition, and professional certification achievement. CISM certification provides excellent foundation for management-focused career trajectories while supporting technical specialization in specific security domains.
Compensation optimization strategies include geographic mobility consideration, industry specialization development, and strategic skill acquisition aligned with emerging market demands. Professionals who develop expertise in high-demand areas such as cloud security, artificial intelligence security, or regulatory compliance typically command premium compensation levels.
Professional brand development through thought leadership, industry participation, and specialized expertise demonstration enhances career advancement opportunities and compensation potential. Many successful cybersecurity professionals develop recognition through conference speaking, industry publication, and community contribution that differentiates them within competitive talent markets.
Mentorship and professional coaching provide substantial value for career development, offering guidance on strategic decision-making, skill development prioritization, and career transition planning. Many organizations provide formal mentorship programs for certified professionals, recognizing the value of experienced guidance for professional development.
The cybersecurity profession offers exceptional opportunities for individuals committed to continuous learning, professional excellence, and strategic thinking. CISM certification provides solid foundation for career success while market dynamics ensure strong compensation potential and advancement opportunities for qualified professionals. Organizations like Certkiller provide comprehensive preparation resources that enable successful certification achievement and career advancement within this dynamic and rewarding field.
Future Market Trends and Certification Value Proposition
The information security management profession continues evolving in response to emerging threats, technological innovations, and changing business requirements. Artificial intelligence, cloud computing, Internet of Things deployments, and remote work trends are creating new security challenges that require sophisticated management approaches.
Regulatory requirements are becoming increasingly complex and comprehensive, with organizations facing potential penalties for non-compliance that can significantly impact financial performance and reputation. CISM-certified professionals possess the knowledge and skills necessary to navigate these regulatory challenges while maintaining operational efficiency.
The certification value proposition continues strengthening as organizations recognize the importance of strategic security management and seek professionals who can contribute to business objectives while maintaining appropriate risk levels. This recognition translates into continued demand growth and premium compensation for qualified professionals.
Industry analysts predict that cybersecurity spending will continue increasing at double-digit rates for the foreseeable future, driven by threat evolution and digital transformation initiatives. This spending increase creates corresponding demand for qualified professionals who can effectively manage security investments and demonstrate business value.
The CISM certification positions professionals to capitalize on these market trends by providing comprehensive knowledge of security management principles, business alignment strategies, and leadership competencies necessary for senior-level positions. This positioning ensures that certified professionals remain relevant and valuable throughout their careers regardless of technological changes or market evolution.
ConclusionÂ
The CISM certification represents a significant but worthwhile investment for information security professionals seeking to advance their careers into management and leadership positions. The comprehensive curriculum, rigorous examination standards, and ongoing professional development requirements ensure that certified professionals possess the knowledge and skills necessary to succeed in senior-level positions.
The substantial financial investment of approximately $1,959 for initial certification, plus ongoing maintenance costs, reflects the certification’s value and the comprehensive benefits it provides. This investment compares favorably to advanced degree programs while providing immediately applicable professional credentials and industry recognition.
Success in obtaining CISM certification requires careful preparation, practical experience, and commitment to ongoing professional development. Candidates should develop realistic timelines that accommodate work responsibilities while ensuring thorough preparation across all examination domains.
The certification provides excellent return on investment through enhanced career opportunities, premium compensation, and professional recognition. The growing demand for qualified information security managers ensures that certified professionals will continue enjoying favorable market conditions and advancement opportunities throughout their careers.