Governance of Information Security Foundation
This course is currently not scheduled on the open calendar, but can be organized on request.Request Course
The target group of ISFS is everyone in the organization. The basic knowledge that is tested in this module contributes to the understanding that information is vulnerable and that measures are necessary to protect this information. The module is also suitable for small independent businesses for whom some basic knowledge of information security is necessary. This module can be a good start for new information security professionals.
Individuals certified at this level will have demonstrated their understanding of: The concept, importance and the reliability of information; The types of risks, threats and damages, and the available risk strategies and the security measures you can take; The security policy and organization, inclusive code of conduct, ownership, and roles and responsibilities. Moreover you learn how to manage security incidents.; The various security measures; Physical measures such as identity passes and finger scans; Technical measures such as cryptography, and you will learn how to deal with attacks such as phishing, spam and malware; Organizational measures you can take such as access management and Business Continuity Management.; The most important legislation and regulations.
Class training alternated with exercises.
Information Security is gaining importance in the Information Technology (IT). Globalization of the economy leads to a growing exchange of information between organizations (their employees, customers and suppliers). It also leads to a growing use of networks, such as the internal company network, connection with the networks of other companies and the Internet. Furthermore, activities of many companies now rely on IT, and information has become a valuable asset. Protection of information is crucial for the continuity and proper functioning of the organization: information must be reliable. In the Information Security Foundation module, based on ISO/IEC 27002 (ISFS), the basic concepts of information security and their coherence are tested.
EXIN Information Security Foundation is part of the Certified Integrator Program and is one of the prerequisites to attain the title: EXIN Certified Integrator Secure Cloud Services.You will receive the certificate EXIN Certified Integrator Secure Cloud Services when you possess the certificates: EXIN Information Security Foundation, EXIN Cloud Computing Foundation and EXIN IT Service Management Foundation.
In-Course Assessment The candidate must have successfully completed four (4) practical assignments (3 hours each in length): • Assignment in evidence gathering (documents) • Assignment in planning an audit (based on a case study) • Assignment in planning improvements for an organization who has failed an audit • Assignment in writing conformity, observation and non-conformity statements
- Welcome and Introduction
- Information and Security
- Threats and Risks
- Approach and Organization
- Sample Exam & Review
- Information Security Foundation based on ISO/IEC 27002 Certification Exam