Call us: 02045797300
Email us: info@trainingdeals.co.uk
For all your training needs.
Lines are open 24 Hours, Monday to Sunday

Certificate in Information Security Management Principles Training

CISMP is a foundation information security certification which measures knowledge of the basic principles of information security management.

  • Our CISMP training courses include everything required to pass the CISMP exam and master the syllabus
  • Boost your information security career with a CISMP qualification, the globally recognised information security certification
  • CISMP holders are highly respected for their skills and knowledge of information security and can earn high salaries
  • Enrol today and receive expert tuition from trusted CISMP trainers with years of industry experience

Browse our list of upcoming courses below

Book Online or Call 0800 0353 257 to speak to a training advisor

Course | Date | Venue | Duration | Price
BCS CISMP (Certificate in Information Security Management Principles), Home Virtual deal - 20% off | 29/04/2024 | Home Virtual | 5 days | £1995
BCS CISMP (Certificate in Information Security Management Principles), Home Virtual deal - 20% off | 27/08/2024 | Home Virtual | 5 days | £1995
BCS CISMP (Certificate in Information Security Management Principles), Home Virtual deal - 20% off | 02/12/2024 | Home Virtual | 5 days | £1995

FAQs

  • Is this course accredited?

    Yes, our course is fully accredited.

  • What do you provide me on the course?

    We will provide you with a courseware folder, exam, certificate, refreshments, experienced instructor and relevant course materials

  • Does the course include exams?

    Yes, we are pleased to say that the exam is included in the course fee

  • What time shall I arrive at the venue?

    Please arrive at 08:45am for a prompt 09:00 start

Overview

The course focuses on the need for management and technical solutions to tackle the information-related risks which can jeopardise an organisation's ability to achieve its business objectives. It provides a comprehensive overview of how organisations should select and implement controls based on the security risks they face. It should be stressed that this is not a technical course: whilst technical controls (amongst other controls) are discussed, it is from an overview and principles perspective.

Course Audience

The course will benefit members of information security management teams, IT managers, security/systems administrators and co-ordinators, internal auditors, staff with a local security co-ordination role, staff responsible for legal and corporate governance, and staff responsible for information assets and systems.

Course Pre-Requisites

There are no formal requirements for entry to the course but we advise the following:

  • A knowledge of IT would be advantageous but not essential
  • An understanding of the general principles of information technology security would be useful
  • Awareness of the issues involved with security control activity would be advantageous
 
Course Agenda
 
The need for, and benefits of, information security: Corporate Governance.

Information risk management.

Information security organisation & responsibilities: Legal and regulatory obligations.

Policies, standards & procedures: Delivering a balanced ISMS. Security procedures.

Information security governance: Policy reviews. Security audits.

Security incident management: Objectives and stages of incident management.

Information security implementation: Getting management buy-in.

Legal framework: Processing personal data. Employment issues. Computer misuse. Intellectual property rights. Data Protection Act.

Security standards & procedures: ISO/IEC 27002 and ISO/IEC 15408.

Threats to, and vulnerabilities of, information systems.

People security: Organisational culture. Acceptable use policies.

Systems development & support: Linking security to whole business process. Change management process. Handling security patches.

Role of cryptography: Common encryption models.

Protection from malicious software: Methods of control.

User access controls: Authentication and authorisation mechanisms.

Networks & communications: Partitioning networks. Role of cryptography. Controlling 3rd party access. Intrusion monitoring. Penetration testing, cloud computing.

External services: Protection of Web servers and e-commerce applications.

IT infrastructure: Operating, network, database and file management systems.

Testing, audit & review: Strategies for security testing of business systems.

Training: The purpose and role of training. Promoting awareness.

Physical & environmental security: Controlling access and protecting physical sites and assets.

Disaster recovery & business continuity management: Relationship between risk assessment and impact analysis.

Investigations & forensics: Common processes, tools and techniques. Legal and regulatory guidelines.

What's Included

  • The courseware folder
  • Course Materials
  • Exam
  • Certificate
  • Experienced Instructor
  • Refreshments

Onsite offers

Send us your onsite requirements and we will provide a tailor-made course for you!

Contact

T: 02036038880
E: info@trainingdeals.co.uk

1 Bell Street, Maidenhead, Berkshire, SL6 1BU
