BCS Foundation Certificate in Information Security Management Principles (CISMP)

Introduction

Course Overview

The BCS Foundation Certificate in Information Security Management Principles online training course covers a range of approaches, concepts, and techniques within IT security.

After your training, you will be able to demonstrate your knowledge and understanding of these aspects, as specified in the learning objectives outlined below.

You will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  • Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  • Understand the relevant current legislation and regulations which impact information security management.
  • Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  • Knowledge of the environments in which information security management must operate.
  • Understand the categorisation, operation, and effectiveness of controls of different types and characteristics.

This course benefits from 1-year BCS membership.

Course code

VHXF

Location

Varies

Price

£549

Suitability

Is the BCS Foundation Certificate in Information Security Management Principles suitable for me?

This course is ideal if you require an understanding of information security management principles (including if you are responsible for information security as part of your day-to-day role), or if you are considering a career change into this field.

It also provides the opportunity for those already within these roles to enhance or refresh their knowledge and in the process gain an industry-recognised qualification, which demonstrates the level of knowledge gained.

Prerequisites

There are no formal entry requirements; however, you should have basic working IT knowledge and an awareness of the issues involved with security control activities.

Careers

What jobs could I apply for after my BCS Information Security Management Principles training?

If you’re considering a career in IT or information security, this training course will benefit your career goals.

Typical job roles you can apply for after this training include:

  • Information Security Engineer – £47,782
  • IT Security Manager – £64,690
  • Information Systems Security Manager – £43,936

(Source: Payscale)

Why Us

Why study the BCS Foundation CISMP with e-Careers?

We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 625,000 delegates globally, which has helped offer the highest quality training.

We have also refined our processes, partner relationships, and course materials to offer you a high-quality training solution.

You will also benefit from:

  • 1-year BCS membership included (worth £92).
  • Fast-track learning with our online training course.
  • Industry-recognised qualifications to enhance your career prospects.
  • We offer interest-free payment options.

We’re proud of our excellent rating on Trustpilot, with over 13,000 reviews from our past students.

BCS Membership Benefits

This course benefits from 1-year BCS membership worth £92, for which you are eligible from the moment you pass your first exam.

Benefits of this associate’s membership include:

  • Professional recognition
  • Career development
  • Networking
  • Knowledge and best practice
  • Exclusive discounts and offers

Read the full membership details.

Syllabus & Exams

Foundation CISMP Syllabus

Syllabus & weighting

Information Security Management Principles (10%)

  • Identify definitions, meanings and use of concepts and terms across information security management.
  • Explain the need for, and the benefits of information security.

Information Risk (10%)

  • Gain an appreciation of risk assessment and management as it applies to information security.
  • Outline the threats to and vulnerabilities of information systems.
  • Describe the processes for understanding and managing risk relating to information systems.

Information Security Framework (15%)

  • Explain how risk management should be implemented in an organisation.
  • Interpret general principles of law, legal jurisdiction and associated topics as they affect information security management covering a broad spectrum from the security implications on compliance with legal requirements affecting business.
  • Describe a number of common, established standards and procedures that directly affect information security management.

Security Lifecycle (10%)

  • Demonstrate an understanding of the importance and relevance of the information lifecycle.
  • Identify the following stages of the information lifecycle.
  • Outline the following concepts of the design process lifecycle including essential and non-functional requirements.
  • Demonstrate an understanding of the importance of appropriate technical audit and review processes, of effective change control and of configuration management.
  • Explain the risks to security brought about by systems development and support.

Procedural/People Security Controls (15%)

  • Explain the risks to information security involving people.
  • Describe user access controls that may be used to manage those risks.
  • Identify the importance of appropriate training for all those involved with information.

Technical Security Controls (25%)

  • Outline the technical controls that can be used to help ensure protection from malicious software.
  • Identify information security principles associated with the underlying networks and communications systems.
  • Recognise the information security issues relating to value-added services that use the underlying networks and communications systems.
  • Recall the information security issues relating to organisations that utilise cloud computing facilities.
  • Define the following aspects of security in information systems, including operating systems, database and file management systems, network systems and applications systems and how they apply to the IT infrastructure.

Physical and Environmental Security Controls (5%)

  • Outline the physical aspects of security available in multi-layered defences and explain the environmental risks to information in terms of the need, for example, for appropriate power supplies, protection from natural risks (fire, flood, etc.) and in the everyday operations of an organisation.

Disaster Recovery and Business Continuity Management (5%)

  • Describe (K1/2) the differences between and the need for business continuity and disaster recovery.

Other Technical Aspects (5%)

  • Demonstrate understanding of the principles and common practices, including any legal constraints and obligations, so they can contribute appropriately to investigations.
  • Describe the role of cryptography in protecting systems and assets, including awareness of the relevant standards and practices.

Foundation CISMP Exam Details

Exam format – Multiple-choice.

Duration – 120 minutes.

Number of questions – 100.

Pass mark – 65/100 (65%).

Open book? – No.
