Course Description

The BCS Foundation Certificate in Information Security Management Principles online training delves into various approaches, concepts, and techniques within the realm of IT security.

Upon completing the training, you will showcase your comprehension of these aspects, as specified in the learning objectives outlined below:

You will demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

Understanding concepts related to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
Grasping relevant current legislation and regulations impacting information security management.
Understanding relevant current national and international standards, frameworks, and organisations facilitating information security management.
Acquiring knowledge of the environments where information security management operates.
Understanding the categorisation, operation, and effectiveness of controls with different types and characteristics.

Modules Covered

Foundation CISMP Syllabus

Learning Outcomes:

Upon completion of this course, you will showcase your expertise and comprehension of Information Security Management Principles in the following domains:

Mastery of concepts about information security management, including confidentiality, integrity, availability, vulnerability, threats, risks, and countermeasures.
Proficiency in understanding current legislation and regulations that impact information security management.
Comprehensive understanding of current national and international standards, frameworks, and organisations facilitating information security management.
Acquired knowledge of the operational environments where information security management is essential.
Understanding the classification, implementation, and effectiveness of various types and characteristics of controls.

Course Outline & Weighting

Information Security Management Principles (10%)

Identify definitions, meanings, and usage of concepts and terms in information security management.
Explain the necessity for and advantages of information security.

Information Risk (10%)

Gain insight into risk assessment and management in the context of information security.
Outline threats to and vulnerabilities of information systems.
Describe processes for understanding and managing risk in information systems.

Information Security Framework (15%)

Explain the implementation of risk management in an organisation.
Interpret principles of law, legal jurisdiction, and related topics impacting information security management.
Describe common standards and procedures directly affecting information security management.

Security Lifecycle (10%)

Demonstrate understanding of the significance and relevance of the information lifecycle.
Identify stages of the information lifecycle.
Outline concepts of the design process lifecycle, including essential and non-functional requirements.
Explain the importance of technical audit, review processes, change control, and configuration management.
Describe security risks associated with systems development and support.

Procedural/People Security Controls (15%)

Explain information security risks involving people.
Describe user access controls for managing these risks.
Recognise the importance of appropriate training for individuals involved in information handling.

Technical Security Controls (25%)

Outline technical controls for protection against malicious software.
Identify information security principles related to networks and communication systems.
Recognise information security issues associated with value-added services using networks and communication systems.
Define security aspects in information systems, including operating systems, database and file management systems, network systems, and applications systems, within the IT infrastructure.

Physical and Environmental Security Controls (5%)

Outline physical security aspects in multi-layered defenses.
Explain environmental risks to information and the need for appropriate measures, such as power supplies and protection from natural disasters.

Disaster Recovery and Business Continuity Management (5%)

Describe the differences between and the necessity for business continuity and disaster recovery.

Other Technical Aspects (5%)

Demonstrate understanding of principles, common practices, legal constraints, and obligations related to investigations.
Describe the role of cryptography in system and asset protection, including awareness of relevant standards and practices.

Accreditation

This course is nationally accredited by BCS - The Chartered Institute for IT.

BCS, The Chartered Institute for IT, is dedicated to fostering broader societal and economic advancement by promoting the development of information technology theory and application. Since its inception in 1957, BCS has remained steadfast in pursuit of this objective.

Benefits

Fast-Track a career in Information Security
1-year BCS membership included
Certified & Experienced Trainers
Accredited by BCS

Eligibility

Please note this is a paid qualification, therefore you will have to pay the course fee in order to start studying.

Is the BCS Foundation Certificate in Information Security Management Principles suitable for me?

If you seek comprehension of information security management principles, especially if you're involved in information security responsibilities or contemplating a career transition into this domain, this course is tailored for you.

Additionally, it offers existing professionals the chance to augment or update their expertise, leading to an industry-recognised qualification that validates their acquired knowledge level.

Prerequisites

There are no formal entry requirements however, you should have basic working IT knowledge and an awareness of the issues involved with the security control activities.