ISEB Certificate in Information Security Management Principles

QA Ltd.
Aberdeen, Birmingham, Bristol, Edinburgh, Exeter, Glasgow, Leeds, London, Manchester, Slough, United Kingdom

Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced

Course Description:

'' This intensive and highly practical 5-day course has been accredited by the Information Systems Examination Board (ISEB) of the British Computer Society (BCS). The course has been designed to provide the necessary information and guidance in order for delegates to be able to fulfil their roles as information security officers or information risk decision takers. It defines the business case for information security, the role of security as an enabler for business, and how to identify and manage information risks.

Delegates will be provided with a comprehensive understanding of the main concepts which underpin information security and how they relate to each other. The course covers such concepts as confidentiality, integrity and availability, threats, risks and vulnerabilities, as well as a range of technical and management controls capable of mitigating the risks.

The course examines current legislation and regulations which impact on information security as well as standards (BS 7799) and frameworks which facilitate best practice.

The course will enable delegates to confidently sit the 2-hour multiple choice BCS/ISEB Certificate in Information Security Management Principles (CiISMP) exam which is taken on the final afternoon of the course.

Who Should Attend?
The course will benefit: any member of an information security management team; IT managers; security/systems administrators; internal auditors; staff with a local security co-ordination role; staff responsible for compliance with legislation and regulation relating to information technology, and corporate governance; staff working in business operational functions with responsibility for information assets and systems.

Prerequisites
The recommended prerequisite for attending this course and sitting the exam is a minimum of one year’s experience in an IT function.

Delegates will learn how to
Specify the business case for information security;
Understand the challenges posed in managing information risk;
Address the business issues relating to legislation, regulation and corporate governance as it affects information security;
Understand the issues and risks relating to information and have a clear insight into the controls needed to manage them;
Uunderstand how the different concepts of information security relate to each other;
Confidently sit the CiISMP exam.
Outline
Information security concepts & definitions
Information Security Management System (ISMS) concept.
The need for, and benefits of, information security: Corporate Governance.
Information risk management.
Information security organisation & responsibilities: Legal and regulatory obligations.
Policies, standards & procedures: Delivering a balanced ISMS. Security procedures.
Information security governance: Policy reviews. Security audits.
Security incident management: Objectives and stages of incident management.
Information security implementation: Getting management buy-in.
Legal framework: Processing personal data. Employment issues. Computer misuse. Intellectual property rights. Data Protection Act.
Security standards & procedures: ISO/IEC 17799 and ISO/IEC TR 13335.
Threats to, and vulnerabilities of, information systems.
People security: Organisational culture. Acceptable use policies.
Systems development & support: Linking security to whole business process. Change management process. Handling security patches.
Role of cryptography: Common encryption models.
Protection from malicious software: Methods of control.
User access controls: Authentication and authorisation mechanisms.
Networks & communications: Partitioning networks. Role of cryptography. Controlling 3rd-party access. Intrusion monitoring. Penetration testing.
External services: Protection of Web servers and e-commerce applications.
IT infrastructure: Operating, network, database and file management systems.
Testing, audit & review: Strategies for security testing of business systems.
Training: The purpose and role of training. Promoting awareness.
Physical & environmental security: Controlling access and protecting physical sites and assets.
Disaster recovery & business continuity management: Relationship between risk assessment and impact analysis.
Investigations & forensics: Common processes, tools and techniques. Legal and regulatory guidelines. ...''

Elements of this syllabus are subject to change.

Phone:0844 871 2080

School Address:

TEL: 0844 871 2080
E-mail us: info@qa.com

Jobs & Resumes: Aberdeen, Birmingham, Bristol, Edinburgh, Exeter, Glasgow, Leeds, London, Manchester, Slough
Houses & Roommates: Aberdeen, Birmingham, Bristol, Edinburgh, Exeter, Glasgow, Leeds, London, Manchester, Slough
Travel Agencies: Birmingham, Bristol, Edinburgh, Leeds, London, Manchester,

Search other schools for ISEB Certificate in Information Security Management Principles training resources.

Freedom of Information Act
ISEB02 Certificate in Data Protection
CFIA Forensic Artefacts �Hands On
CISSP
CSTA Ethical Hacking �Hands On 1
CSTP Ethical Hacking �Hands On 2
Hacking Insight for Managers
Information Security Risk Assessment
IT Security Fundamentals
WiFi Security �Hands On
Architecting and Designing J2EE Applications
Java Programming Language
Developing Applications with the Java SE Platform
Accelerated Migration to Java Enterprise Edition 5
Advanced Java

Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
 

Facts: We serve the schools and students around the world. Major visitors come from India, United States, United Kingdom, Canada, Australia, Philippines, Malaysia, Singapore and South Africa.