A thorough, practical, online course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. QA's CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a GCHQ Certified Training (GCT) course.
The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination (not included).
This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.
Although perceived as an IT issue, Information Security is in fact a subject relevant to all business units. The CiSMP program is ideal for members of information security management teams, IT Managers, security and systems managers, Information asset owners and employees with legal compliance responsibilities.
The course will act as a stepping stone to more advanced qualifications (either managerial or technical), and also sits nicely with existing project management and service management based programs.
IISP Skills Alignment
This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.
- A1, A2, A3, A5, A6, B1, B2, C1, C2, D1, D2, E1, E2, E3, F1, F3, G1
Continuous Professional Development (CPD)
CPD points can be claimed for GCT accredited courses at the rate of 1 point per hour of training for GCHQ accredited courses (up to a maximum of 15 points).
- The need for Information Security
- Information Security Management System (ISMS) concepts & definitions
- Information risk management
- Corporate governance
- Organisational responsibilities
- Policies, standards & procedures
- ISO/IEC 27002, 27001 & 13335
- Information security controls
- Incident management
- Legal framework - personal data, DPA, CMA, IPR & copyright, HR & employment issues
- Cryptographic models
- Data Communications & networks
- Physical security
- Auditing & gap analysis
- Training & raising awareness
- Business continuity
- Security investigations & forensics