BCS Foundation Certificate in Information Security Management Principles – Virtual Classroom

Introduction

Course Overview

Covering a broad range of approaches, concepts and techniques, the BCS Foundation Certificate in Information Security Management Principles will help to provide you with a good understanding of information security management issues, including risk management, security standards, legislation, and business continuity.

Our class is delivered over five days via virtual classroom.

Key Learnings Include:

  • Understand the concepts relating to information security management
  • Become familiar with current national legislation and regulations which impact upon information security management
  • Gain awareness of current national and international standards, frameworks and organisations which facilitate the management of information security
  • Learn the current business and common technical environments in which information security management must operate
  • Gain knowledge of the categorisation, operation, and effectiveness of controls of different types and characteristics

This course benefits from 1 year BCS membership worth £92 and our Exam Pass Guarantee*.

Course code

FKZS

Location

Varies

Price

£1674

Suitability

Is the BCS Foundation Certificate in Information Security Management Principles course right for me?

This training certificate will provide you with a thorough foundation of knowledge, to progress into more senior job roles.

Suitable for:

  • Anyone with an interest in information security – either for general knowledge or to enhance a current skill set
  • Individuals looking for a career change

For those already working in this sector, the BCS Foundation Certificate will refresh and improve existing knowledge, as well as provide a globally recognised qualification that will improve future career opportunities.

Benefits

How will the Foundation Certificate in IS Management Principles course benefit me?

You will learn the key skills, knowledge and techniques to move into IS management, or support your existing IT role in this field.

BCS Membership Benefits

This course benefits from 1-year BCS membership worth £92, which is available when you pass your first exam.

Benefits of Associate Membership include:

  • Professional recognition
  • Career development
  • Networking
  • Knowledge and best practice
  • Exclusive discounts and offers

Full BCS membership details can be found here.

Careers

What jobs can I apply for after my Foundation Certificate in IS Management Principles training?

On successful completion the following roles become accessible:

  • Information Security Analyst – £44k
  • Information Security Officer – £47k
  • Information Security Consultant – £50k
  • Information Security Specialist – £53k
  • Information Security Manager – £55k

(Source: ITJobsWatch)

Why Us

Why choose to study the BCS Foundation Certificate in Information Security Management Principles course with e-Careers?

We have developed an expert team over the 10 years since our inception. In that time, we have trained over 625,000 delegates globally, which has helped us offer the highest quality training, and we have earned a 5-star rating on Trustpilot from over 10,000 students.

By refining our processes, partner relationships, and course materials, we can offer high-quality training solutions for our delegates.

You will also benefit from:

  • Exam Pass Guarantee*
  • 1-year BCS membership included
  • Fast-track your learning with our Virtual Classroom course
  • Enhance your career prospects
  • Learn from expert trainers, with vast experience in this field
  • We offer interest-free payment options

We’re proud of our excellent rating on Trustpilot, with over 13,000 reviews from our past students.

*How does the Exam Pass Guarantee work?

With our Exam Pass Guarantee, if you do not pass the exam after attending this training course with us, you will be eligible to attend the next class for free.

All we ask is that you:

  • Attend all class days and complete all assignments
  • Take the exam within 30 days of completing your Virtual Classroom training
  • Request your course re-enrolment within 30 days of the failed exam attempt

Please note: Students retaking the course are required to use any materials or books distributed to them in their original course session. Failure to provide these materials will result in the student being charged for replacement materials. Exam Pass Guarantee does not include the resit exam.

Syllabus & Exams

Foundation Certificate in Information Security Management Principles Syllabus

Learning Outcomes

Delegates will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  • Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  • Understanding of the relevant current legislation and regulations which impact upon information security management.
  • Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  • Knowledge of the environments in which information security management must operate.
  • Understanding of the categorisation, operation, and effectiveness of controls of different types and characteristics.

Information Security Management Principles (10%)

  • Identify definitions, meanings and use of concepts and terms across information security management
  • Information security
  • Asset and asset types
  • Asset value and asset valuation
  • Threat, vulnerability, impact, and risk

Information Risk (10%)

  • Threats and vulnerabilities lead to risks
  • Threats and vulnerabilities apply specifically to IT systems
  • Operational types of controls – physical, procedural (people) and technical
  • The purpose of and approaches to impact
  • Identifying and accounting for the value of information assets

Information Security Framework (15%)

  • Explain how risk management should be implemented in an organisation.
  • The organisation’s management of information security
  • Information security roles in an enterprise

Security Lifecycle (10%)

  • Demonstrate an understanding of the importance and relevance of the information lifecycle
  • Use of architecture frameworks e.g. SABSA, TOGAF
  • Agile development i.e. DevOps, DevSecOps and potential conflict with security
  • Sharing of information by design
  • Service continuity and reliability

Procedural/People Security Controls (15%)

  • Explain the risks to information security involving people
  • Organisational culture of security
  • Employee, contractor, and business partner awareness of the need for security
  • Security clearance and vetting
  • Role of contracts of employment

Technical Security Controls (25%)

  • Outline the technical controls that can be used to help ensure protection from Malicious Software.
  • Types of malicious software – Trojans, botnets, viruses, worms, active
  • Different ways systems can get infected (e.g. phishing, spear-phishing, click-bait, third party content)
  • Methods of control
  • Security by design, security by default and configuration management
  • Entry points in networks and associated authentication techniques
  • The role of cryptography in network security
  • Controlling third party access

Physical and Environmental Security Controls (5%)

  • Outline the physical aspects of security available in multi-layered
  • General controls and monitoring of access to and protection of physical sites, offices, secure areas, cabinets, and rooms
  • Protection of IT and non-IT equipment
  • Need for processes to handle intruder alerts, deliberate or accidental physical events, etc.
  • Clear screen and desk policy
  • Procedures for the disposal of equipment with digital-data retention facilities

Disaster Recovery and Business Continuity Management (5%)

  • Relationship with risk assessment and impact analysis
  • Resilience of systems and infrastructure
  • Approaches to writing and implementing plans
  • Need for documentation, maintenance and testing of plans
  • Relationship with security incident management
  • Compliance with standards

Other Technical Aspects (5%)

  • Common processes, tools, and techniques for conducting investigations, including intelligence sharing platforms
  • Legal and regulatory guidelines for disclosures, investigations, forensic readiness and evidence preservation
  • Need for relations with law enforcement, including specialist computer crime units and security advice
  • Issues when buying-in forensics and investigative support from third parties
  • Describe the role of cryptography in protecting systems and assets
  • Basic cryptographic theory, techniques and algorithm types

Information Security Management Principles Exam Details

Exam format – Multiple-choice.

Number of questions – 100.

Duration – 120-mins.

Supervised – Yes.

Open book – No.

Pass mark – 65/100 (65%).
