2,5 weeks after the CISSP exam, I passed the CISM exam today as well. Took me roughly 2 hours to go through the 150 questions. No comparison to the depth and breadth of the CISSP exam prepartion. I subscribed to the Edusum exam preparation platform and also bought the book - All-In-One-CISM book from Peter Gregory to prepare. There is a DVD in the book as well with test questions. But I liked the Edusum platform better, as they were closer to the actual exam. To sum it up - if you did pass the CISSP, there is only very incremental effort required to get you prepared and in the mindset to pass CISM as well. Even there is quite some redundancy in the coverage, I still believe it's worth to do both, as CISM much better highlights the managerial side of things as well as how to integrate the information security program with the overall business objectives.