BCS - The Chartered Institute for IT

BCS Foundation Certificate in Information Security Management Principles Classroom Course in Edinburgh

Course Overview

Covering a broad range of approaches, concepts and techniques, the BCS Foundation Certificate in Information Security Management Principles will help to provide you with a good understanding of information security management issues, including risk management, security standards, legislation, and business continuity.

Our class is delivered over five days via virtual classroom .

Key Learnings Include:

  •  Understanding the concepts relating to information security management
  •  Become familiar with current national legislation and regulations which impact upon information security management
  •  Awareness of current national and international standards, frameworks and organisations which facilitate the management of information   security
  •  Learn the current business and common technical environments in which information security management must operate
  •  Knowledge of the categorisation, operation, and effectiveness of controls of different types and characteristics

This course benefits from 1 year BCS membership worth £92 and our Exam Pass Guarantee*.

Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 5 Days
  • Join a community of over 600,000
  • Interest-free Payments
  • Experience Level: Beginner
  • Exam Pass Guarantee*
  • 1-year BCS membership included
Free course advice
Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 5 Days
  • Join a community of over 600,000
  • Interest-free Payments
  • Experience Level: Beginner
  • Exam Pass Guarantee*
  • 1-year BCS membership included
About the Course
Youtube icon Youtube icon
Course Details

Is the BCS Foundation Certificate in Information Security Management Principles course right for me? 

This training certificate will provide you with a thorough foundation of knowledge, to progress into more senior job roles. 

Suitable for:

  •  Anyone with an interest in information security - either for general knowledge or to enhance a current skill set
  •  Individuals looking for a career change

For those already working in this sector, the BCS Foundation Certificate will refresh and improve existing knowledge, as well as provide a globally recognised qualification that will improve future career opportunities.

How will the Foundation Certificate in IS Management Principles course benefit me?

You will learn the key skills, knowledge and techniques to move into IS management, or support your existing IT role in this field. 

BCS Membership Benefits

This course benefits from 1-year BCS membership worth £92, which is available when you pass your first exam.

Benefits of Associate Membership include:

  •  Professional recognition
  •  Career development
  •  Networking
  •  Knowledge and best practice
  •  Exclusive discounts and offers

 Full BCS membership details can be found here.

What jobs can I apply for after my Foundation Certificate in IS Management Principles training? 

On successful completion the following roles become accessible:

  •  Information Security Analyst - £44k
  •  Information Security Officer - £47k
  •  Information Security Consultant - £50k
  •  Information Security Specialist - £53k
  •  Information Security Manager - £55k

(Source: ITJobsWatch)

Why choose to study the BCS Foundation Certificate in Information Security Management Principles course with e-Careers? 

We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 600,000 delegates globally, which has helped offer the highest quality training, and we have earned a 5-star rating on Trustpilot, from over 10,000 students. 

By refining our processes, partner relationships, and course materials, we can offer high-quality training solutions for our delegates. 

You will also benefit from:

  •  Exam Pass Guarantee*
  •  1-year BCS membership included
  •  Fast-track your learning with our Virtual Classroom course
  •  Enhance your career prospects
  •  Learn from expert trainers, with vast experience in this field
  •  We offer interest-free payment options

We're proud of our excellent rating on Trustpilot, with over 10,000 reviews from our past students.

*How does the Exam Pass Guarantee work?

With our Exam Pass Guarantee, if you do not pass the exam after attending this training course with us, you will be eligible to attend the next class for free.

All we ask is that you:

  •  Attend all class days and complete all assignments
  •  Take the exam within 30 days of completing your Virtual Classroom training
  •  Request your course re-enrolment within 30 days of the failed exam attempt

Please note: Students retaking the course are required to use any materials or books distributed to them in their original course session. Failure to provide these materials will result in the student being charged for replacement materials. Exam Pass Guarantee does not include the resit exam.

Foundation Certificate in Information Security Management Principles Syllabus

Learning Outcomes

Delegates will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  •  Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  •  Understanding of the relevant current legislation and regulations which impact upon information security management.
  •  Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  •  Knowledge of the environments in which information security management must operate.
  •  Understanding of the categorisation, operation, and effectiveness of controls of different types and characteristics.

Information Security Management Principles (10%)

  •  Identify definitions, meanings and use of concepts and terms across information security management
  •  Information security
  •  Asset and asset types
  •  Asset value and asset valuation
  •  Threat, vulnerability, impact, and risk

Information Risk (10%)

  •  Threats and vulnerabilities lead to risks
  •  Threats and vulnerabilities apply specifically to IT systems
  •  Operational types of controls – physical, procedural (people) and technical
  •  The purpose of and approaches to impact
  •  Identifying and accounting for the value of information assets

Information Security Framework (15%)

  •  Explain how risk management should be implemented in an organisation.
  •  The organisation’s management of information security
  •  Information security roles in an enterprise

Security Lifecycle (10%)

  •  Demonstrate an understanding of the importance and relevance of the information lifecycle
  •  Use of architecture frameworks e.g. SABSA, TOGAF
  •  Agile development i.e. DevOps, DevSecOps and potential conflict with security
  •  Sharing of information by design
  •  Service continuity and reliability

Procedural/People Security Controls (15%)

  •  Explain the risks to information security involving people
  •  Organisational culture of security
  •  Employee, contractor, and business partner awareness of the need for security
  •  Security clearance and vetting
  •  Role of contracts of employment

Technical Security Controls (25%)

  •  Outline the technical controls that can be used to help ensure protection from Malicious Software.
  •  Types of malicious software – Trojans, botnets, viruses, worms, active
  •  Different ways systems can get infected (e.g. phishing, spear-phishing, click-bait, third party content)
  •  Methods of control
  •  Security by design, security by default and configuration management
  •  Entry points in networks and associated authentication techniques
  •  The role of cryptography in network security
  •  Controlling third party access

Physical and Environmental Security Controls (5%)

  •  Outline the physical aspects of security available in multi-layered
  •  General controls and monitoring of access to and protection of physical sites, offices, secure areas, cabinets, and rooms
  •  Protection of IT and non-IT equipment
  •  Need for processes to handle intruder alerts, deliberate or accidental physical events, etc.
  •  Clear screen and desk policy
  •  Procedures for the disposal of equipment with digital-data retention facilities

Disaster Recovery and Business Continuity Management (5%)

  •  Relationship with risk assessment and impact analysis
  •  Resilience of systems and infrastructure
  •  Approaches to writing and implementing plans
  •  Need for documentation, maintenance and testing of plans
  •  Relationship with security incident management
  •  Compliance with standards

Other Technical Aspects (5%)

  •  Common processes, tools, and techniques for conducting investigations, including intelligence sharing platforms
  •  Legal and regulatory guidelines for disclosures, investigations, forensic readiness and evidence preservation
  •  Need for relations with law enforcement, including specialist computer crime units and security advice
  •  Issues when buying-in forensics and investigative support from third parties
  •  Describe the role of cryptography in protecting systems and assets
  •  Basic cryptographic theory, techniques and algorithm types

Information Security Management Principles Exam Details 

Exam format - Multiple-choice.

Number of questions - 100.

Duration - 120-mins.

Supervised - Yes.

Open book - No.

Pass mark – 65/100 (65%).

Our Edinburgh Venue
Edinburgh is the capital city of Scotland, best known for financial services, scientific research and higher education. Edinburgh is the headquarters for major companies such as Royal Bank of Scotland, Natwest and Skyscanner.
Location

St Andrew Square,

Edinburgh Town,

Edinburgh

EH2 2AF

Telephone +44 (0) 203 457 3809

Our Student Support lines are available Mon-Fri 9am to 6pm (GMT).

Our offices are closed at weekends and an UK public holidays.

We're Trusted by
Hundreds of thousands of individuals, small businesses and large corporations continuously put their trust in e-Careers.​
We are proud to have trained individuals who work for some of the world’s largest companies, including:​
Trusted by Trusted by