Overview
A thorough, practical, 5 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. QA’s CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a National Cyber Security Centre (NCSC) Certified Training course.
The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination which is sat on the afternoon of the last day of the course.
This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.
Target Audience
Although perceived as an IT issue, Information Security is in fact a subject relevant to all business units. The CiSMP program is ideal for members of information security management teams, IT Managers, security and systems managers, Information asset owners and employees with legal compliance responsibilities.
The course will act as a stepping stone to more advanced qualifications (either managerial or technical), and also sits nicely with existing project management and service management based programs.
IISP Skills Alignment
This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.
- A1, A2, A3, A5, A6, B1, B2, C1, C2, D1, D2, E1, E2, E3, F1, F3, G1
Continuous Professional Development (CPD)
CPD points can be claimed for NCSC accredited courses at the rate of 1 point per hour of training for NCSC accredited courses (up to a maximum of 15 points).
Prerequisites
- If you are taking a BCS exam you must bring photographic identification with you (passport, driving license or student card), as it is a BCS requirement to produce it for the invigilator prior to the exam. Failure to produce a valid form of photographic identification will result in a candidate not being able to sit the exam. For any questions about what form of identification is acceptable please contact your Account Manager or the QA Examination Administration team on 44 (0)1793 696273.
- BCS allow additional time for candidates who have a disability or whose native language differs to that of the examination paper. Full details are provided in the BCS Reasonable Adjustments Policy which is available to view on the BCS website. If you believe you qualify for this then please notify the Exam Administration team on the details below as early as possible. At least two weeks’ notice will be required for processing this request. Delegates failing to advise QA and provide evidence when requested, may not be allowed the additional support offered via the BCS policy. QA Exam Administration can be contacted by email exam.admin@qa.com or by phone 44(0) 1793 696162.
Course Outline
- The need for Information Security
- Information Security Management System (ISMS) concepts & definitions
- Information risk management
- Corporate governance
- Organisational responsibilities
- Policies, standards & procedures
- ISO/IEC 27002, 27001 & 13335
- Information security controls
- Incident management
- Legal framework – personal data, DPA, CMA, IPR & copyright, HR & employment issues
- Cryptographic models
- Data Communications & networks
- Physical security
- Auditing & gap analysis
- Training & raising awareness
- Business continuity
- Security investigations & forensics