Back in 2010 I attended a three day course with Net Security training in Wembley, in preparation for a Certified Information Security Manager (CISM) exam a couple of weeks later. All of the work was theoretical, and it was assumed that you already had experience in most of not all of the domains covered.
The exam itself was paper based, with four hours given to complete 250 multiple choice questions. You then have to wait a few weeks before you get your results, at which point you can then apply for the certification from ISACA. You need to be able to demonstrate at least five years worth of experience in two or more of rhe domains as part of the certification process.
The certification lasts for three years, and in that time you need to complete a minimum of 120 hours of Continuing Professional Education (CPE), with at least 20 hours in each of the three years. I have recertified in this way once, and have already reached my target for this recertification period.