QA Total Learning™ is our newest and most effective way to learn.

This course is for security professionals who want to begin their certification journey within the Information Security field by attaining a BCS accredited qualification in Information Security Management Principles.

Learners will be Security Professionals who are looking to begin their certification and badging journey in the Cyber Security field. Alternatively, learners may be looking to begin their career in Cyber Security by learning about Information Security principles and practices.

In this Total Learning course, learners will have the best of both digital and live learning to learn the fundamental skills needed to secure information whilst also preparing themselves for official certification. The digital learning component (either exam- or skills-focused), involves sample exam questions, quizzes, and combination of video and written content.

Read more


There are no specific prerequisites for this course. It is ideal for members of information security management teams, IT managers, security and systems managers, information asset owners, and employees with legal compliance responsibilities.

Read more

At the end of this course, the learner will be able to:

At the end of this course, the learner will be able to:

  • Recognise why information security is required.
  • Identify Information Security Management System (ISMS) concepts and definitions
  • Define information risk management
  • Recognise corporate governance and organisational responsibilities, policies, standards, and procedures
  • Specify relevant ISO and IEC standards
  • Recognise information security controls
  • Appreciate incident management and legal frameworks
  • Identify areas of cryptography
  • Investigate data communications and networks, physical security and security auditing, training, and awareness
  • Recognise business continuity and disaster recovery
  • Identify areas of testing, audit and review and system development
  • Examine security investigations and forensics
Read more


This Total Learning course consists of three key stages, all explained during a 1-hour virtual kick off session, which includes a Q&A session:

  • Digital stage: 25 hours structured digital self-paced learning, completed over a minimum of 4 weeks.
  • Live stage: 3 day virtual event.
  • Exam: A two-hour, online multiple-choice exam.

The Digital Stage

The Digital Learning is valid for 3 months from the date of the kick off session

The Digital stage provides learners with the Foundational knowledge that is developed later in the Live stage. It is a self-paced, online learning experience, supplemented by videos to highlight key areas from industry experts. Regular review questions help learners judge and measure their progress and understanding.

The Digital stage is divided into eight Learning Paths:

  • Learning Path 1: An introduction to information risk management
  • Learning Path 2: Information security framework
  • Learning Path 3: Security Lifecycle
  • Learning Path 4: Procedural and people security
  • Learning Path 5: Technical and Security Controls
  • Learning Path 6: Introduction to Cryptography
  • Learning Path 7: Physical and Environmental Controls
  • Learning Path 8: Disaster Recovery and Business Continuity

These Learning Paths cover:

  • Information Risk Management
  • Risk Management Lifecycle & Treatment
  • Introduction to the Information Security Framework
  • Security Strategy and Legislation
  • Information Assurance & Standards
  • Information Lifecycle & Testing
  • Testing, Audit and Review
  • Procedural and People Security Controls
  • Protection from Malware
  • Network Communications
  • External Services
  • Virtualisation and Cloud Computing
  • IT Infrastructure Security
  • Cryptography
  • Physical & Environmental Controls
  • Security Incident Management
  • Business Continuity Management and Disaster Recovery
  • Preparing for the Exam

Live Event

In the Live event, a facilitator supports learners, as they explore case studies and scenarios to develop and deepen the knowledge and skills they gained in the Digital stage.

The Live event is highly collaborative, and learners interact with one another and the facilitator using Miro, an online collaboration tool. Learners will also complete daily quizzes to help consolidate what they learn.

The Live event will also help learners prepare for the CISMP exam: a mock exam provides exam day practice, and the facilitator will share tips and techniques to build exam day confidence.

Day 1 Exercises

  • Cyber Kill Chain scenario
  • Recap Confidentiality. Integrity and availability
  • Threat Management and Conduct scenario
  • Mobile phone security scenario
  • Security Architecture scenario
  • Supply Chain security scenario
  • Common Criteria scenario (ISO15408)
  • Recap Data Classification
  • Intellectual property Rights (Patent, Trademark, Trade secret and copyright) scenario
  • New Database Scenario

Day 2 Exercises

  • Insider threat Scenario
  • Permission Creep Scenario
  • DDOS attack activity
  • Threat Vector (offensive/defensive) Scenario
  • Training Plan for a Security Operations centre Scenario
  • Virus Containment Scenario
  • Recap Cyber- Firewalls/Honeypots/AI/Machine Learning
  • Recap Cryptography
  • Disposal of equipment Scenario
  • Forensic Readiness Plan

Day 3 Exercises

  • Ransomware scenario (Based on a real-world example)
  • ‘White Tailed Eagle’ scenarios (threats/Vulnerabilities/ISO 27001/Business Impact Assessment/risk assessments/ Information assurance/end user code of practice)
  • Q&A
  • Mock exam quiz to help delegates prepare for their CISMP exam.


The course will prepare leaners for the BCS Certificate in Information Security Management Principles (BCS CISMP) through practical learning and mock exam preparation.

The exam consists of 100 multiple-choice questions to be completed in a 2-hour exam, with learners needing 65% (65/100) to attain certification.

The exam is to be booked and taken outside of the Live event to allow learners to adequately prepare before taking the exam.

Read more

QA Total Learning™

Our most effective way to learn.

  • Flexible learning
  • Higher pass rates
  • Better workplace outcomes

Learn more about Total Learning

Dates & Locations

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information