BCS Foundation Certificate in Information Security Management Principles - Virtual Classroom
Covering a broad range of approaches, concepts and techniques, the BCS Foundation Certificate in Information Security Management Principles will help to provide you with a good understanding of information security management issues, including risk management, security standards, legislation, and business continuity.
Our class is delivered over five days via virtual classroom.
Key Learnings Include:
- Understanding the concepts relating to information security management
- Become familiar with current national legislation and regulations which impact upon information security management
- Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security
- Learn the current business and common technical environments in which information security management must operate
- Knowledge of the categorisation, operation, and effectiveness of controls of different types and characteristics
This course benefits from 1 year BCS membership worth £92 and our Exam Pass Guarantee*.
Is the BCS Foundation Certificate in Information Security Management Principles course right for me?
This training certificate will provide you with a thorough foundation of knowledge to progress into more senior job roles.
- Anyone with an interest in information security - either for general knowledge or to enhance a current skill set
- Individuals looking for a career change
For those already working in this sector, the BCS Foundation Certificate will refresh and improve existing knowledge, as well as provide a globally recognised qualification that will improve future career opportunities.
How will the Foundation Certificate in IS Management Principles course benefit me?
You will learn the key skills, knowledge and techniques to move into IS management, or support your existing IT role in this field.
BCS Membership Benefits
This course benefits from 1-year BCS membership worth £92, which is available when you pass your first exam.
Benefits of Associate Membership include:
- Professional recognition
- Career development
- Knowledge and best practice
- Exclusive discounts and offers
What jobs can I apply for after my Foundation Certificate in IS Management Principles training?
On successful completion the following roles become accessible:
- Information Security Analyst - £44k
- Information Security Officer - £47k
- Information Security Consultant - £50k
- Information Security Specialist - £53k
- Information Security Manager - £55k
Why choose to study the BCS Foundation Certificate in Information Security Management Principles course with e-Careers?
We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 600,000 delegates globally, which has helped us offer the highest-quality training, and we have earned a 5-star rating on Trustpilot from over 10,000 students.
By refining our processes, partner relationships, and course materials, we can offer high-quality training solutions for our delegates.
You will also benefit from:
- Exam Pass Guarantee*
- 1-year BCS membership included
- Fast-track your learning with our Virtual Classroom course
- Enhance your career prospects
- Learn from expert trainers, with vast experience in this field
- We offer interest-free payment options
We're proud of our excellent rating on Trustpilot, with over 13,000 reviews from our past students.
*How does the Exam Pass Guarantee work?
With our Exam Pass Guarantee, if you do not pass the exam after attending this training course with us, you will be eligible to attend the next class for free.
All we ask is that you:
- Attend all class days and complete all assignments
- Take the exam within 30 days of completing your Virtual Classroom training
- Request your course re-enrolment within 30 days of the failed exam attempt
Please note: Students retaking the course are required to use any materials or books distributed to them in their original course session. Failure to provide these materials will result in the student being charged for replacement materials. Exam Pass Guarantee does not include the resit exam.
Syllabus & Exams
Foundation Certificate in Information Security Management Principles Syllabus
Delegates will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:
- Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
- Understanding of the relevant current legislation and regulations which impact upon information security management.
- Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
- Knowledge of the environments in which information security management must operate.
- Understanding of the categorisation, operation, and effectiveness of controls of different types and characteristics.
Information Security Management Principles (10%)
- Identify definitions, meanings and use of concepts and terms across information security management
- Information security
- Asset and asset types
- Asset value and asset valuation
- Threat, vulnerability, impact, and risk
Information Risk (10%)
- Threats and vulnerabilities lead to risks
- Threats and vulnerabilities apply specifically to IT systems
- Operational types of controls – physical, procedural (people) and technical
- The purpose of and approaches to impact
- Identifying and accounting for the value of information assets
Information Security Framework (15%)
- Explain how risk management should be implemented in an organisation.
- The organisation’s management of information security
- Information security roles in an enterprise
Security Lifecycle (10%)
- Demonstrate an understanding of the importance and relevance of the information lifecycle
- Use of architecture frameworks e.g. SABSA, TOGAF
- Agile development i.e. DevOps, DevSecOps and potential conflict with security
- Sharing of information by design
- Service continuity and reliability
Procedural/People Security Controls (15%)
- Explain the risks to information security involving people
- Organisational culture of security
- Employee, contractor, and business partner awareness of the need for security
- Security clearance and vetting
- Role of contracts of employment
Technical Security Controls (25%)
- Outline the technical controls that can be used to help ensure protection from Malicious Software.
- Types of malicious software – Trojans, botnets, viruses, worms, active
- Different ways systems can get infected (e.g. phishing, spear-phishing, click-bait, third party content)
- Methods of control
- Security by design, security by default and configuration management
- Entry points in networks and associated authentication techniques
- The role of cryptography in network security
- Controlling third party access
Physical and Environmental Security Controls (5%)
- Outline the physical aspects of security available in multi-layered
- General controls and monitoring of access to and protection of physical sites, offices, secure areas, cabinets, and rooms
- Protection of IT and non-IT equipment
- Need for processes to handle intruder alerts, deliberate or accidental physical events, etc.
- Clear screen and desk policy
- Procedures for the disposal of equipment with digital-data retention facilities
Disaster Recovery and Business Continuity Management (5%)
- Relationship with risk assessment and impact analysis
- Resilience of systems and infrastructure
- Approaches to writing and implementing plans
- Need for documentation, maintenance and testing of plans
- Relationship with security incident management
- Compliance with standards
Other Technical Aspects (5%)
- Common processes, tools, and techniques for conducting investigations, including intelligence sharing platforms
- Legal and regulatory guidelines for disclosures, investigations, forensic readiness and evidence preservation
- Need for relations with law enforcement, including specialist computer crime units and security advice
- Issues when buying-in forensics and investigative support from third parties
- Describe the role of cryptography in protecting systems and assets
- Basic cryptographic theory, techniques and algorithm types
Information Security Management Principles Exam Details
Exam format - Multiple-choice.
Number of questions - 100.
Duration - 120 minutes.
Supervised - Yes.
Open book - No.
Pass mark - 65/100 (65%).