BCS Certificate in Information Security Management Principles Training

A thorough, practical, 5 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. QA's CISMP course is aligned with the latest national information assurance frameworks, as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a National Cyber Security Centre (NCSC) Certified Training course.

The course follows the latest BCS syllabus and prepares delegates for the BCS examination.

This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.

Target Audience

Although perceived as an IT issue, Information Security is in fact a subject relevant to all business units. The CiSMP program is ideal for members of information security management teams, IT Managers, security and systems managers, Information asset owners and employees with legal compliance responsibilities.

The course will act as a stepping stone to more advanced qualifications (either managerial or technical), and also sits nicely with existing project management and service management based programs.

Continuous Professional Development (CPD)

CPD points can be claimed for NCSC accredited courses at the rate of 1 point per hour of training for NCSC accredited courses (up to a maximum of 15 points).

There are no prerequisites.

• Recognise why information security is required.
• Identify Information Security Management System (ISMS) concepts and definitions.
• Define information risk management.
• Recognise corporate governance and organisational responsibilities, policies, standards and procedures.
• Specify relevant ISO and IEC standards
• Recognise information security controls.
• Appreciate incident management and legal frameworks.
• Identify areas of cryptography.
• Investigate data communications and networks, physical security and security auditing, training and awareness.
• Recognise business continuity and disaster recovery.
• Identify areas of testing, audit and review, and system development.
• Examine security investigations and forensics.

• The need for Information Security
• Information Security Management System (ISMS) concepts & definitions
• Information risk management
• Corporate governance
• Organisational responsibilities
• Policies, standards & procedures
• ISO/IEC 27002, 27001 & 13335
• Information security controls
• Incident management
• Legal framework - personal data, DPA, CMA, IPR & copyright, HR & employment issues
• Cryptographic models
• Data Communications & networks
• Physical security
• Auditing & gap analysis
• Training & raising awareness
• Business continuity
• Security investigations & forensics

Exam

• The course will prepare leaners for the BCS Certificate in Information Security Management Principles (BCS CISMP) through practical learning and mock exam preparation.
• The exam consists of 100 multiple-choice questions to be completed in a 2-hour exam, with learners needing 65% to attain certification.
• The exam is to be booked and taken outside of the Live event to allow learners to adequately prepare before taking the exam.