BCS - The Chartered Institute for IT

BCS Foundation Certificate in Information Security Management Principles - Virtual Classroom

Course Overview

Our BCS Foundation Certificate in Information Security Management Principles, will help you gain a clear understanding of information security management issues, such as risk management, security standards, legislation, and business continuity.

Upon completion of this training course, delegates should be able to demonstrate:

  •    Knowledge of the concepts relating to information security management.
  •    Understanding of current national legislation and regulations which impact upon information security management.
  •    Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security. 
  •    Understanding of the current business and common technical environments in which information security management must operate.
  •    Knowledge of the categorisation, operation, and effectiveness of controls of different types and characteristics.

This BCS certificate covers a broad range of approaches, concepts, and techniques, applicable to the BCS Foundation Certificate in Information Security Management Principles.

This course benefits from 1-year BCS membership and our Exam Pass Guarantee*.

Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 4 Days
  • Join a community of over 615,000
  • Interest-free Payments
  • Experience Level: Beginner
  • Exam Pass Guarantee*
  • 1-year BCS membership included
Free course advice
Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 4 Days
  • Join a community of over 615,000
  • Interest-free Payments
  • Experience Level: Beginner
  • Exam Pass Guarantee*
  • 1-year BCS membership included
Course Reviews
Youtube icon Youtube icon
Course Details

Why study the BCS Foundation Certificate in Information Security Management Principles course with e-Careers? 

We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 600,000 delegates globally, which has helped offer the highest quality training.

By refining our processes, partner relationships, and course materials, we can offer high-quality training solutions for our delegates. 

You will also benefit from:

  •    Exam Pass Guarantee*.
  •    1-year BCS membership included (£92).
  •    Fast-track your learning with our Virtual Classroom course.
  •    Enhance your career prospects.
  •    Learn from expert trainers, with vast experience in this field.
  •    We offer interest-free payment options.

We're proud of our excellent rating on Trustpilot, with over 13,000 reviews from our past students.

BCS Membership Benefits

This course benefits from 1 years BCS membership worth £92, which is eligible from the moment you pass your first exam.

Benefits of this associate’s membership include:

  •    Professional recognition
  •    Career development
  •    Networking 
  •    Knowledge and best practice 
  •    Exclusive discounts and offer

Read the full membership details

How does the Exam Pass Guarantee work?

We have found our Virtual Classroom training has provided higher pass rates, which has made us confident to offer an Exam Pass Guarantee, so you know we’ll support you until you are certified.

With our Exam Pass Guarantee, if you do not pass the exam after attending this training course with us, you will be eligible to attend the same training again for free.

All we ask is that you:

  •    Attend all class days and complete all assignments
  •    Take the exam within 30 days of completing your Virtual Classroom training
  •    Request your course re-enrolment within 30 days of the failed exam attempt

Please Note:

Students retaking the course are required to use any materials or books distributed to them in their original course session. Failure to provide these materials will result in the student being charged for replacement materials.

*Exam Pass Guarantee does not include the resit exam; this would need to be purchased at an additional cost.

Is the BCS Foundation Certificate in Information Security Management Principles course suitable for me? 

This course is suitable for anyone who has an interest in information security, either for general business knowledge to enhance your current skill set, or to work towards a career change into this area. This training certificate will provide you with a firm foundation of knowledge, which other qualifications can be built on, to progress into more senior job roles. 

Those who already work in this sector, will be able to enhance or refresh their current knowledge and gain an industry recognised qualification, demonstrating the level of knowledge gained.

What jobs can I apply for after my Foundation Certificate in Information Security Management Principles training? 

Typically, our delegates go on to work in the following job roles:

  •    Information Security Analyst - £44k
  •    Information Security Officer - £47k
  •    Information Security Consultant - £50k
  •    Information Security Specialist - £53k
  •    Information Security Manager - £55k

(Source: Payscale)

Foundation Certificate in Information Security Management Principles Syllabus

Learning Outcomes

Delegates will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  •    Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  •    Understanding of the relevant current legislation and regulations which impact upon information security management.
  •    Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  •    Knowledge of the environments in which information security management must operate.
  •    Understanding of the categorisation, operation, and effectiveness of controls of different types and characteristics.

Information Security Management Principles (10%)

  •    Identify definitions, meanings and use of concepts and terms across information security management.
  •    Information security
  •    Asset and asset types
  •    Asset value and asset valuation
  •    Threat, vulnerability, impact, and risk, and more.

Information Risk (10%)

  •    Threats and vulnerabilities lead to risks
  •    Threats and vulnerabilities apply specifically to IT systems
  •    Operational types of controls – physical, procedural (people) and technical
  •    The purpose of and approaches to impact
  •    Identifying and accounting for the value of information assets

Information Security Framework (15%)

  •    Explain how risk management should be implemented in an organisation.
  •    The organisation’s management of information security
  •    Information security roles in an enterprise

Security Lifecycle (10%)

  •    Demonstrate an understanding of the importance and relevance of the information lifecycle
  •    Use of architecture frameworks e.g. SABSA, TOGAF
  •    Agile development i.e. DevOps, DevSecOps and potential conflict with security
  •    Sharing of information by design
  •    Service continuity and reliability, and more.

Procedural/People Security Controls (15%)

  •    Explain the risks to information security involving people.
  •    Organisational culture of security
  •    Employee, contractor, and business partner awareness of the need for security
  •    Security clearance and vetting
  •    Role of contracts of employment

Technical Security Controls (25%)

  •    Outline the technical controls that can be used to help ensure protection from Malicious Software.
  •    Types of malicious software – Trojans, botnets, viruses, worms, active
  •    Different ways systems can get infected (e.g. phishing, spear-phishing, click-bait, third party content)
  •    Methods of control
  •    Security by design, security by default and configuration management
  •    Entry points in networks and associated authentication techniques
  •    The role of cryptography in network security
  •    Controlling third party access

Physical and Environmental Security Controls (5%)

  •    Outline the physical aspects of security available in multi-layered
  •    General controls and monitoring of access to and protection of physical sites, offices, secure areas, cabinets, and rooms
  •    Protection of IT and non-IT equipment
  •    Need for processes to handle intruder alerts, deliberate or accidental physical events, etc.
  •    Clear screen and desk policy
  •    Procedures for the disposal of equipment with digital-data retention facilities

Disaster Recovery and Business Continuity Management (5%)

  •    Relationship with risk assessment and impact analysis
  •    Resilience of systems and infrastructure
  •    Approaches to writing and implementing plans
  •    Need for documentation, maintenance and testing of plans
  •    Relationship with security incident management
  •    Compliance with standards

Other Technical Aspects (5%)

  •    Common processes, tools, and techniques for conducting investigations, including intelligence sharing platforms
  •    Legal and regulatory guidelines for disclosures, investigations, forensic readiness and evidence preservation
  •    Need for relations with law enforcement, including specialist computer crime units and security advice
  •    Issues when buying-in forensics and investigative support from third parties
  •    Describe the role of cryptography in protecting systems and assets
  •    Basic cryptographic theory, techniques and algorithm types

Information Security Management Principles Exam Details 

Exam Type - Multiple-choice.

Number of questions - 100.

Duration - 120-mins.

Supervised - Yes.

Open book - No.

Pass mark – 65/100 (65%).

Career Advice

​Our experts offer valuable advice sharing their experience and insights which will enable you to make informed decisions throughout your career.
Blogs
Our panel of industry experts proudly bring you the latest news and views, covering all our categories, to keep you well informed.
IT & Networking
Our how to series continues by giving you advice on how you can get into a career in IT!
Read Blog
IT & Networking
Ever considered a job in IT? If you have these skills, you're already well on your way...
Read Blog
IT & Networking
We check out 10 ways AI is changing!
Read Blog
We're Trusted by
Hundreds of thousands of individuals, small businesses and large corporations continuously put their trust in e-Careers.​
We are proud to have trained individuals who work for some of the world’s largest companies, including:​
Trusted by Trusted by