BCS Certificate in Information Security Management Principles CISMP

This five-day course will run in the week commencing 03/09/2012 at Cardiff City Hall, reduced from £2000 to £1175.
 
This course has been commissioned by Cardiff City Council and is being offered to Continuity Forum members, at cost, at the significantly discounted rate of £1175 + VAT. The advertised rate of this course is usually in the region of £2000 + VAT so this presents a fantastic saving for anyone wishing to attend this particular offering.
 
All course materials, the course exam, refreshments and lunch are included. 

Please note places are limited so early booking is advised. The rate may be negotiable for multiple bookings.
 
Summary:
 
This intensive and highly practical 5-day course has been accredited by the Information Systems Examination Board (ISEB) of the British Computer Society (BCS). The course has been designed to provide the necessary information and guidance in order for delegates to be able to fulfill their roles as information security officers or information risk decision takers.
 
Delegates will be provided with a comprehensive understanding of the main concepts which underpin information security and how they relate to each other. The course covers such concepts as confidentiality, integrity and availability, threats, risks and vulnerabilities, as well as a range of technical and management controls capable of mitigating the risks.
 
BCS ISEB Examination:
 
Delegates will sit the 2-hour examination, set by BCS ISEB, on the final afternoon. The examination will comprise 100 multiple-choice questions. Students will need to obtain a mark of at least 65% to pass the exam. A Distinction is obtained by those achieving a score of 80% or higher.
 
Course style:
 
The CISMP course is a mixture of traditional classroom training, syndicate exercises, mock exams and group discussions. Delegates are encouraged to participate throughout the course and are presented with draft policies and worked examples for discussion.
 
There is a small amount of evening work which is mainly the revision of the comprehensive courseware notes. Our consultants are on hand throughout the week, including the evenings, to answer delegates' questions and queries.
 
Skills Gained:
 
The training program aims to provide CISMP students with the skills and knowledge required to pass the "Certificate in Information Security Management Principles" (CISMP) examination by demonstrating the following:
 
Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.);
Understanding of current legislation and regulations which impact upon information security management in the UK;
Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
Understanding of the current business and technical environments in which information security management has to operate;
Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
 
Course Outline:
 
Information security concepts & definitions
Information Security Management System (ISMS) concept
The need for, and benefits of, information security: Corporate Governance
Information risk management
Information security organisation & responsibilities: Legal and regulatory obligations
Policies, standards & procedures: Delivering a balanced ISMS. Security procedure
Information security governance: Policy reviews. Security audits
Security incident management: Objectives and stages of incident management
Information security implementation: Getting management buy-in
Legal framework: Processing personal data. Employment issues. Computer misuse. Intellectual property rights. Data Protection Act
Security standards & procedures: ISO/IEC 27001/27002 and ISO/IEC 13335
Threats to, and vulnerabilities of, information systems
People security: Organisational culture. Acceptable use policies
Systems development & support: Linking security to whole business process. Change management process. Handling security patches
Role of cryptography: Common encryption models
User access controls: Authentication and authorisation mechanisms
Networks & communications: Partitioning networks. Role of cryptography. Controlling 3rd party access. Intrusion monitoring. Penetration testing
External services: Protection of Web servers and e-commerce applications
IT infrastructure: Operating, network, database and file management systems
Testing, audit & review: Strategies for security testing of business systems
Training: The purpose and role of training. Promoting awareness
Physical & environmental security: Controlling access and protecting physical sites and assets
Disaster recovery & business continuity management: Relationship between risk assessment and impact analysis
Investigations & forensics: Common processes, tools and techniques. Legal and regulatory guidelines
 
Course Tutor:
 
Simon Taylor MSc CLAS CISSP CISMP PCIRM 
With an MSc in Information Security from Royal Holloway College, University of London and over 10 years as an Information Assurance professional both as a consultant for Insight Consulting and previously as the Information Security Officer for Equity Insurance, Simon has developed and presents a suite of Information Assurance training courses to fit today's demanding requirements. As an IA and CLAS consultant, CISSP and ISO 27001 Lead Auditor, Simon brings both a wide and a deep knowledge of Information Assurance topics and experience across a broad range of organisations. 
 
Booking: 
 
Please email tcroall@hotmail.com if you would like to book a place / discuss further.