Certificate in Information Security Management Principles (CISMP)
- Course Code CISMP
- Duration 5 days
Additional Payment Options
GTC 35 inc. VAT
GTC, Global Knowledge Training Credit, please contact Global Knowledge for more details
This course is available in the following formats:
Event at company
Traditional Classroom Learning
Learning that is virtual
Request this course in a different delivery format.
This course is to provide training for their CISMP examination. The course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. It will also prepare individuals who are thinking of moving into information security or related functions.
You will be thoroughly prepared to undertake the BCS examination, The achieved qualification will prove that the holder has a good knowledge and basic understanding of the wide range of subject areas that make up information security management.
These events can be delivered exclusively for your company at our locations or yours, specifically for your delegates and your needs. The Company Events can be tailored or standard course deliveries.
- Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
- Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
- Understanding of the current business and technical environments in which information security management has to operate;
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
- 1. Information Security Management Principles – 10%
- 1.1 Concepts and definitions
- 1.2 The need for & benefits of Information Security
- 2. Information Risk – 10%
- 2.1 Threats to & vulnerabilities of information systems
- 2.2 Risk Management
- 3. Information Security Framework – 20%
- 3.1 Organisation and responsibilities
- 3.2 Legal framework
- 3.3 Security standards and procedures
- 4. Procedural/people security controls – 15%
- 4.1 People
- 4.2 User access controls
- 4.3 Training
- 5. Technical security controls – 25%
- 5.1 Protection from malicious software
- 5.2 Networks and communications
- 5.3 External services
- 5.4 Cloud computing
- 5.5 IT infrastructure
- 6. Software development – 5%
- 6.1 Testing, audit & review
- 6.2 Systems development & support
- 7. Physical and environmental controls – 5%
- 8. Disaster recovery and business continuity management – 5%
- 9. Other technical aspects – 5%
- 9.1 Investigations & forensics
- 9.2 Role of cryptography
- A minimum of 12 months experience within any IT job is beneficial. No technical skill or Security background is required.