Information Security Foundation course
Fundamental understanding of information security and a comprehensive introduction to information security management
Information Security Foundation (ISF) provides a comprehensive understanding of information security and risk management. Participants will learn about the importance of information security and how to integrate risk management into their organization’s plans and governance. The course covers strategies to mitigate human, organizational, and technological risks. By the end of the course, participants will be equipped to protect sensitive information, ensure compliance, and foster a security-conscious culture within their organization.
This Foundation training is the first level of SECO’s unique complete information security training & certification track. It readies you for the Practitioner level (Information Security Officer-level training with hands-on policy development, risk assessment, awareness planning, standard implementation and post-audit improvement planning exercises). The track culminates in an Expert – CISO training focused on strategic information security leadership.
Lies Alderlieste-de Wit
Author & Trainer
CISO at Stater
Chris Wauters
Author & Trainer
Security Transition Manager,
Agile & Security Leadership
Koen Maris
Advisory Board
Cyber Security Leader
at PwC Luxembourg
Michael Garceau
Trainer
Senior Risk Manager,
Founder CipherQuest
Mario Procopio
Trainer
Interim CISO &
Founder at Pro CISO®
At a Glance
Entry level
Information Security Foundation
3 days, 4.5 hours a day
Career starters and career switchers looking for an entry-level certification in information security. Anyone who wants or needs to learn the fundamentals of information security and information security management.
Gain a comprehensive introduction to information security and information security management.
Understand how to use ISO 27001 and ISO 27002, and gain insight into the topics covered.
Learn how to identify potential information security threats
Explore physical, technical and organisational control measures for protecting information.
Understand the fundamentals of information security risk management and risk assessment.
Understand information security roles and responsibilities within and outside the internal information security organisation.
Understand legal and regulatory requirements relevant to information security.
What’s included
- Official SECO-Institute course materials
- Training by passionate trainers with exceptional skills and industry experience
- Access to a SECO member portal where we share additional resources and knowledge events
- Practice exam
- Exam voucher
- Membership to SECO’s Alumni Network after passing the exam
Syllabus
Information and Security
Topics:
- What is information security?
- The importance of information security for organizations and employees
- The evolution of information security
- The information security process in a continuously changing environment
- Roles and responsibilities to manage information security
Topics:
- Elements and objectives of the risk management process
- Standards, laws and regulations, social obligations
- Relationship with other business plans
- Data protection & privacy
- How information risk management is governed
- Information and enterprise-wide risk management processes
- Qualitative and quantitative risk assessments
- Risk assessments & threat modeling
- Risk governance
Topics:
- What is information security awareness?
- The boundaries of awareness programs
Topics:
- The information security framework
- The use of standards and best practices
Topics:
- Asset management
- Identity and access management
- Data protection
- Vulnerability management
- Incident response
- Security intelligence
Topics:
- Conclude with a practice exam
Collect your badge of honor
Exam
- Language: English
- Delivered: Online via a certified proctor
- Questions: 40 multiple choice
- Time: 60 minutes