BCS - The Chartered Institute for IT

BCS Foundation Certificate in Information Security Management Principles (CISMP)

Course Overview

The BCS Foundation Certificate in Information Security Management Principles online training course covers a range of approaches, concepts, and techniques within IT security.

After your training, you will be able to demonstrate your knowledge and understanding of these aspects, as specified in the learning objectives outlined below.

You will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  • Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  • Understand the relevant current legislation and regulations which impact information security management.
  • Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  • Knowledge of the environments in which information security management must operate.
  • Understand the categorisation, operation, and effectiveness of controls of different types and characteristics.

This course benefits from 1-year BCS membership.

£549£445Inc. VAT
FREE Course Advice
About the Course
Youtube icon Youtube icon
Course Details

Is the BCS Foundation Certificate in Information Security Management Principles suitable for me?

If you require an understanding of information security management principles (including those who are responsible for information security as part of their day-to-day role), or those who are considering a career change into this field, this course would be ideal for you.

It also provides the opportunity for those already within these roles to enhance or refresh their knowledge and in the process gain an industry-recognised qualification, which demonstrates the level of knowledge gained.

Prerequisites

There are no formal entry requirements however, you should have basic working IT knowledge and an awareness of the issues involved with the security control activities.

What jobs could I apply for after my BCS Information Security Management Principles training?

If you’re considering a career in IT or information security, this training course will benefit your career goals.

Typical job roles you can apply for after this training include:

  •    Information Security Engineer – £47,782
  •    IT Security Manager – £64,690
  •    Information Systems Security Manager – £43,936

(Source: Payscale)

Why study the BCS Foundation CISMP with e-Careers?

We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 595,000 delegates globally, which has helped offer the highest quality training. 

We have also refined our processes, partner relationships, and course materials to offer you a high-quality training solution. 

You will also benefit from:

  •    1-year BCS membership included (worth £92).
  •    Fast-track learning with our Online training course.
  •    Industry-recognised qualifications to enhance your career prospects.
  •    We offer interest-free payment options.

BCS Membership Benefits

This course benefits from 1-year BCS membership worth £92, which is eligible from the moment you pass your first exam. 

Benefits of this associate’s membership include:

  •    Professional recognition
  •    Career development
  •    Networking
  •    Knowledge and best practice
  •    Exclusive discounts and offer

Read the full membership details.

Foundation CISMP Syllabus

Learning Outcomes

You will be able to demonstrate knowledge and understanding of Information Security Management Principles in the following areas:

  •    Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures).
  •    Understand the relevant current legislation and regulations which impact information security management.
  •    Comprehension of the relevant current national and international standards, frameworks and organisations which facilitate the management of information security.
  •    Knowledge of the environments in which information security management must operate.
  •    Understand the categorisation, operation, and effectiveness of controls of different types and characteristics.

Syllabus & weighting

Information Security Management Principles (10%) 

  • Identify definitions, meanings and use of concepts and terms across information security management. 
  • Explain the need for, and the benefits of information security. 

Information Risk (10%) 

  • Gain an appreciation of risk assessment and management as it applies to information security. 
  • Outline the threats to and vulnerabilities of information systems. 
  • Describe the processes for understanding and managing risk relating to information systems.

Information Security Framework (15%) 

  • Explain how risk management should be implemented in an organisation. 
  • Interpret general principles of law, legal jurisdiction and associated topics as they affect information security management covering a broad spectrum from the security implications on compliance with legal requirements affecting business.
  • Describe the number of common, established standards and procedures that directly affect information security management. 

Security Lifecycle (10%) 

  • Demonstrate an understanding of the importance and relevance of the information lifecycle. 
  • Identify the following stages of the information lifecycle. 
  • Outline the following concepts of the design process lifecycle including essential and non-functional requirements. 
  • Demonstrate an understanding of the importance of appropriate technical audit and review processes, of effective change control and of configuration management. 
  • Explain the risks to security brought about by systems development and support. 

Procedural/People Security Controls (15%) 

  • Explain the risks to information security involving people. 
  • Describe user access controls that may be used to manage those risks. 
  • Identify the importance of appropriate training for all those involved with information. 

Technical Security Controls (25%) 

  • Outline the technical controls that can be used to help ensure protection from malicious software. 
  • Identify information security principles associated with the underlying networks and communications systems.
  • Recognise the information security issues relating to value-added services that use the underlying networks and communications systems. 
  • Recall the information security issues relating to organisations that utilise cloud computing facilities. 
  • Define the following aspects of security in information systems, including operating systems, database and file management systems, network systems and applications systems and how they apply to the IT infrastructure. 

Physical and Environmental Security Controls (5%) 

  • Outline the physical aspects of security available in multi-layered defences and explain how the environmental risks to information in terms of the need, for example, for appropriate power supplies, protection from natural risks (fire, flood, etc.) and in the everyday operations of an organisation.

Disaster Recovery and Business Continuity Management (5%)

  • Describe (K1/2) the differences between and the need for business continuity and disaster recovery. 

Other Technical Aspects (5%) 

  • Demonstrate understanding of the principles and common practices, including any legal constraints and obligations, so they can contribute appropriately to investigations. 
  • Describe the role of cryptography in protecting systems and assets, including awareness of the relevant standards and practices. 

Foundation CISMP Exam Details

Exam format – Multiple-choice.

Duration – 120-mins.

Number of questions – 100.

Pass mark – 65/100 (65%).

Open book? - No.

We're Trusted by
Hundreds of thousands of individuals, small businesses and large corporations continuously put their trust in e-Careers.​
We are proud to have trained individuals who work for some of the world’s largest companies, including:​
Trusted by Trusted by