The objective of the course is to provide a comprehensive but necessarily high level overview of Information Assurance and how it is addressed within HMG organisations and commercial supply chain companies. It will provide delegates with an initial understanding of the basic concepts and language of Information Assurance so that they can subsequently work directly in this complex field or work indirectly with security professionals. This course contributes to the attainment of the CESG Certified Professional Scheme (CCPS) and the following specific CCP roles at the Practitioner level.
The course is related to other Information Assurance courses and provides the basis for the Information Assurance Risk Management for HMG and the Introduction to Accreditation courses. Where appropriate this course links to aspects covered in both of those courses, such as how risk management can be conducted and the possible role in that process of an Accreditor.
The course objectives are:
- To give delegates an overview of what Information Assurance is, what it comprises, the terminology used and why it is relevant to them.
- To explain what the nature of cyber security threats are and how they can be realized.
- To describe information risk management and explain how it can be used to mitigate risks to the business.
- To tell delegates where they can get advice and guidance on all aspects of security.
This course is aimed at those in government organisations or commercial companies with little or no previous knowledge of cyber security. Ideally delegates should have some understanding of wider business risk management and of security in general. It is designed to teach the fundamentals of Information Assurance for HMG and is intended to provide sufficient understanding of the subject to enable delegates to progress to other aspects of security.
The course will benefit:
- Those who are new to Information assurance and who want a baseline of understanding so that they can go on to learn more about the subject.
- Government staff who want a better understanding of the subject to be able to assess how it can affect them in their own roles.
- Staff who have taken on responsibilities where a knowledge of cyber security is required.
- Senior managers of both government organisations and HMG supply chain companies who want a better understanding of Information assurance and how it impacts their business so that they can make better informed decisions;
- Project manager's delivering IT projects to government and who need to demonstrate that security risks have been balanced with business benefit.
- Those who are tasked with providing awareness training on Information Assurance in their organisations.
- Those who are concerned with the review of Information assurance in their organisation in response to a contractual or other compliance requirement.
Support for CESG Certified Professional
This course contributes to the attainment of the CESG Certified Professional Scheme (CCPS) and the following specific CCP roles at the Practitioner level:
Security and Information Risk Advisor, IA Auditor, Accreditor, IT Security Officer, Security Architect, Penetration Tester, Communications Security roles.
The course supports CCP Level 1: Awareness (understands the skill and its application). It provides skills against the following competencies used in the CCP assessment process:
A1: Governance, A2: Policy and Standards, A6: Legal and Regulatory Environment, B1: Risk Assessment, B2: Risk Management, D1: IA Methodologies.
IISP Skills Alignment
This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.
- A1, A2, A5, A6, B1, G1
Continuous Professional Development (CPD)
CPD points can be claimed for GCT accredited courses at the rate of 1 point per hour of training for GCHQ accredited courses (up to a maximum of 15 points).