Information Security Foundation

  • Course Code S-ISF
  • Duration 2 days

Course Delivery

Public Classroom Price

Please call

This course is available in the following formats:

  • Public Classroom

    Traditional Classroom Learning

Course Overview

The Information Security Foundation (ISF) course provides you with a comprehensive introduction to information security management. The course covers a wide range of topics, from fundamental security concepts and terminology to effective information security controls.

During the course, you will familiarise yourself with ISO 27001, the most widely used information security standard that provides requirements for implementing and continually improving an information security management system (ISMS). You will understand what focus areas information security needs to address to ensure appropriate protection against information security threats. With the help of ISO 27001 and its supporting code of practice, ISO 27002, you will gain insight into commonly accepted information security controls. At the end of the course, you will communicate with confidence about information security topics. You will have a good understanding of information security risks, and you will be able to link them with best-practice physical, organisational and technical information security measures.

ISF gives you a solid grounding in information security management principles. The knowledge you build up in this course enables you to follow our Practitioner training and try your hand at complex implementation tasks, such as performing an information security risk assessment and designing an information security awareness program.

  • Learn how to use ISO 27001 and 27002 to build an information security management system (ISMS);
  • Get an in-depth overview of information security threats and controls with insights from real-world security experts;
  • Prepare for your certification assessment with a free sample exam.

Target Audience

The Information Security Foundation certification (S-ISF) is suitable for anyone in charge of handling information in any capacity.

This certification is also suitable for entrepreneurs in small and medium enterprises who need to possess a basic knowledge of information security.

This certification is an ideal start for new information security professionals. Should you want to specialize further, you can attain the next levels of certification:

  • S-ISP Information Security Practitioner
  • S-ISME Information Security Management Expert

Training and certification for each of these certifications is available through Global Knowledge.

Course Objectives

The Information Security Foundation certification (S-ISF) equips you with the knowledge and skills you need to lay the foundations of your security education and career.

By passing the ISF certification exam and earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate your ability to:

  • Adopt a holistic approach to information security;
  • Understand fundamental security and risk management concepts;
  • Understand quality improvement cycles and their importance for management systems;
  • Understand and apply the main objectives of information security (confidentiality, integrity and availability or ‘the CIA triad’);
  • Understand the importance and scope of influence of information security;
  • Understand the importance of effective information security governance;
  • Understand information security roles and responsibilities;
  • Describe common information security threats and identify effective preventive, detective, repressive and corrective countermeasures;
  • Describe best-practice physical, technical and organisational security measures;
  • Grasp the basics of information security incident management;
  • Understand the relationship between information security and business continuity management;
  • Understand legal and regulatory requirements relevant to information security.

Course Content

Module 1: Code of Information Security ISO/IEC 27001/27002

  • What is a standard and what is the difference between a standard and a framework?
  • ISO/IEC 27001 and ISO/IEC 27002:2013 in a nutshell
  • Continuous improvement: the Deming cycle (Plan - Do - Check - Act)
  • Implementation of ISO/IEC 27001 and ISO/IEC 27002
  • Management objectives and control measures

Module 2: Information and security
  • Information and security: the concept, value, importance and reliability of information
  • The cornerstones of information security: availability, integrity and confidentiality (together they form the BIV triangle)
  • The influence of information security on operational processes, information architecture and information management
  • Different types of information and information systems

Module 3: Threats and Risks
  • The concept of threat and risk and its relationship to the reliability of information
  • Different types of risk analysis and risk assessment
  • Different types of threats and ways to deal with threats
  • Various types of damage
  • Different ways to deal with risks
  • Information security measures
  • Preventing risks and performing security procedures

Module 4: Approach and organization
  • The information security policy, the organization of information security and the management of security incidents
  • What is a code of conduct?
  • Tasks and responsibilities in an organization

Module 5: Measures
  • The importance of physical, technical and organizational measures
  • Different types and categories of security procedures
  • The importance of access control
  • Identification, authentication and authorization
  • Business continuity management (BCM) aspects

Module 6: Laws and regulations
  • The most important laws and regulations in relation to information security
  • The importance of compliance
  • Different types of compliance

Course Prerequisites

The Information Security Foundation course is an entry-level course. No previous knowledge or experience is required.

The course is suitable for absolute beginners with a basic knowledge of computers and technology. If you already have a good understanding of information security management principles and you are interested in practicing a Security Officer’s tasks, we advise you to register for the Practitioner level.

Follow on Courses

  The following are recommended for further study: