Certificate in Information Security Management Principles (CISMP)

This course covers the range of concepts, approaches and techniques that are applicable to BCS Certificate in Information Security Management Principles. 

The certificate is relevant to anyone requiring an understanding of Information Security Management Principles including those who have information security responsibilities as part of their day to day role, or who are thinking of moving into an information security or related function.

It also provides the opportunity for those already within these roles to enhance or refresh their knowledge and in the process gain a qualification, recognised by industry, which demonstrates the level of knowledge gained. 

Objectives 

Candidates should be able to demonstrate knowledge and understanding of BCS Foundation Certificate in Information Security Management Principles and techniques. Key areas are:

• Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures)
• Understanding of current national legislation and regulations which impact upon information security management
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security
• Understanding of the current business and common technical environments in which information security management has to operate
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics

It is recommended that candidates read the BCS book, ‘Information Security Management Principles’, which is the approved reference book for this qualification before taking this exam.

Target Audience

The certificate is relevant to anyone requiring an understanding of BCS Foundation Certificate in Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable business to ensure their information is protected appropriately.

Course Syllabus:

• Information Security Management Principles
• Information Risk
• Information Security Framework 
• Procedural/People Security Controls
• Technical Security Controls
• Software Development and Lifecycle
• Physical and Environmental Security Controls 
• Disaster Recovery and Business Continuity Management
• Other Technical Aspects