Cyber Security Certification: Information Security Management Professional based on ISO/IEC 27001

Information Security Management Professional based on ISO/IEC 27001

Training available in 3 learning modes

Summary

The module Information Security Management Professional based on ISO/IEC 27001 (ISMP.EN) tests understanding of the organizational and managerial aspects of information security.

The Information Security Management Professional Certificate builds on the Information Security Foundation Certificate in which the basic concepts of information security are tested.

Training objectives

The subjects of this training are:

Information security perspectives: business, customer, service provider/supplier
Risk Management: analysis, controls, remaining risks
Information security controls: organizational, technical, physical.

Target group

Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities.

Bloom level

The Information Security Management Professional based on ISO/IEC 27001 certification tests candidates at Bloom Levels 3 and 4 according to Bloom’s Revised Taxonomy:

Bloom Level 3: Applying – shows that candidates have the ability to make use of information in a context different from the one in which it was learned. This type of questions aims to demonstrate that the candidate is able to solve problems in new situations by applying acquired knowledge, facts, techniques and rules in a different, or new way. The question usually contains a short scenario.
Bloom level 4: Analyzing – shows that candidates have the ability to break learned information into its parts to understand it. This Bloom level is mainly tested in the Practical Assignments. The Practical Assignments aim to demonstrate that the candidate is able to examine and break information into parts by identifying motives or causes, make inferences and find evidence to support generalizations.

Training duration

Contact hours (face to face learning)

The minimum number of contact hours for the course is 20. This number includes practical

assignments, exam preparation and short coffee breaks. Not included are: homework, the logistics related to the exam session, the exam session and lunch breaks.

Indication study effort

120 hours, depending on existing knowledge.

Training prerequisites

Basic knowledge of Information Security is recommended, for instance through the Information Security Foundation based on ISO/IEC 27001 certification.