Module 1: Information security principles
- Core concepts
- Information security and privacy
Learning outcomes
- Describe key terms and concepts related to information security management
- Explain the importance and benefits of information security
- Outline key considerations of personal data privacy legislation
Module 2: Information risk
- Understanding risk
- Risk management
Learning outcomes
- Identify key components of risk management
- Describe the processes involved in risk management lifecycle
Module 3: Information security frameworks
- Organisational responsibilities
- Policies, standards, and procedures
- Security governance
- The legal framework
- Information assurance standards
Learning outcomes
- Explain the role of organisational structure and policies in information security
- Describe key principles of security governance and assurance
- Identify major security standards, procedures, and frameworks
Module 4: Security operations
- Information lifecycle
- Information security management
- Technical audits and reviews
- Systems development
- Software development lifecycle
Learning outcomes
- Explain security architecture models and associated technologies
- Describe threat modelling frameworks and techniques
- Identify methods for assessing and managing security vulnerabilities
- Recognise common cyberattacks and threats
Module 5: The security lifecycle and DevSecOps
- Concepts, models, and technologies
- Security architecture
- Protection from cyber threats and malicious software
- Threat modelling
- Vulnerability analysis
Learning outcomes
- Explain the stages and considerations in information security lifecycle management
- Define key terms, features, and benefits of DevSecOps
Module 6: Technical security
- Networks and communications security
- External services and cloud security
- IT infrastructure security
- Cryptography fundamentals
Learning outcomes
- Explain core principles of network and communication security
- Identify technical measures for securing IT infrastructure
Module 7: Physical and environmental security
- Physical, technical, and procedural controls
- Clear screen and desk policies
- Equipment protection
- Security in delivery areas
- Secure disposal
Learning outcomes
- Identify common physical security controls and best practices
Module 8: Disaster recovery and digital forensics
- Incident response planning
- Business continuity management
- Disaster recovery planning
- Digital forensics fundamentals
Learning outcomes
- Describe key activities involved in incident response
- Define fundamental disaster recovery concepts
- Explain principles and processes of digital forensics
Module 9: Emerging and growing technologies
- Security concerns with emerging technologies
- AI governance and AI security
- Internet of Things (IoT)
- Operational technology security
Learning outcomes
- Identify security challenges associated with emerging technologies
Module 10: Practice exam
- Exam preparation guidance
- Full-length practice exam
Hands-on learning
This course includes:
- Practical exercises covering risk management, security governance, and threat analysis
- Case studies and real-world scenarios to apply security principles
- Exam-focused practice questions to aid preparation
Exams and assessments
This course includes a BCS examination voucher. Delegates will also complete knowledge checks and a full-length practice exam to reinforce key learning outcomes.
Once registered you will receive a confirmation email directly from the BCS. This email will reference a provisional exam location, date and time and should not be mistaken for a confirmed session.
You will receive a further email from Questionmark (within 48 hours). It is at this stage that you will be provided access to the live calendar to enable you to schedule your exam session.
All BCS exams are delivered as Remote Proctored. Learners will log into their QuestionMark portal and schedule their exam for any time that suits them at a later date. This must be sat only after 5pm on the final day of the course.
Exam Requirements
If you are taking a BCS exam you must bring photographic identification with you (passport, driving license or student card), as it is a BCS requirement to produce it for the invigilator prior to the exam. Failure to produce a valid form of photographic identification will result in a candidate not being able to sit the exam. For any questions about what form of identification is acceptable please contact your Account Manager or the QA Examination Administration team on 44 (0)1793 696273.
BCS allow additional time for candidates who have a disability or whose native language differs to that of the examination paper. Full details are provided in the BCS which is available to view on the BCS website. If you believe you qualify for this then please notify the Exam Administration team on the details below as early as possible. At least two weeks' notice will be required for processing this request. Delegates failing to advise QA and provide evidence when requested, may not be allowed the additional support offered via the BCS policy. QA Exam Administration can be contacted by email exam.admin@qa.com or by phone 44(0) 1793 696162.