This course follows the latest BCS syllabus and prepares delegates for the BCS examination.
You will gain an understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role.
This qualification will prove that the holder has knowledge of the concepts relating to information security, along with an understanding of current regulations and legislation.
An exam voucher is included with this course
TARGET AUDIENCE:
Anyone with an interest in information security, whether as a career or for general business knowledge.
COURSE PREREQUISITES:
Attendees should meet the following pre-requisites:
• A working knowledge of IT is essential
• An understanding of the general principles of information technology security would be useful
• Awareness of the issues involved with security control activity would be advantageous
COURSE CONTENT:
1. Information Security Management Principles – 10%
• 1.1 Concepts and definitions
• 1.2 The need for & benefits of Information Security
2. Information Risk – 10%
• 2.1 Threats to & vulnerabilities of information systems
• 2.2 Risk Management
3. Information Security Framework – 15%
• 3.1 Organisation and responsibilities
• 3.2 Legal framework
• 3.3 Security standards and procedures
4. Security Lifecycle – 10%
• 4.1 Importance and Relevance of Security Lifecyle
• 4.2 Stages of the Information Lifecyle
• 4.3 Lifecycle Design Process
• 4.4 Audit, Review and Change Control
• 4.5 Systems Development
5. Procedural/people security controls – 15%
• 5.1 People
• 5.2 User access controls
• 5.3 Training
6. Technical security controls – 25%
• 6.1 Protection from malicious software
• 6.2 Networks and communications
• 6.3 External services
• 6.4 Cloud computing
• 6.5 IT infrastructure
7. Physical and Environmental Security Controls – 5%
• 7.1 Physical and Environmental Considerations
8. Disaster recovery and business continuity management – 5%
• 8.1 Differences between Disaster Recovery and Business Continuity
9. Other technical aspects – 5%
• 9.1 Investigations & forensics
• 9.2 Role of cryptography
COURSE OBJECTIVE:
After completing this course you should have:
• Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
• An understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
• An understanding of the current business and technical environments in which information security management has to operate;
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
FOLLOW ON COURSES:
Not available. Please contact.