Information Security Management Professional based on ISO/IEC 27001
Training available in 3 learning modes
The module Information Security Management Professional based on ISO/IEC 27001 (ISMP.EN) tests understanding of the organizational and managerial aspects of information security.
The Information Security Management Professional Certificate builds on the Information Security Foundation Certificate in which the basic concepts of information security are tested.
The subjects of this training are:
- Information security perspectives: business, customer, service provider/supplier
- Risk Management: analysis, controls, remaining risks
- Information security controls: organizational, technical, physical.
Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities.
The Information Security Management Professional based on ISO/IEC 27001 certification tests candidates at Bloom Levels 3 and 4 according to Bloom’s Revised Taxonomy:
- Bloom Level 3: Applying – shows that candidates have the ability to make use of information in a context different from the one in which it was learned. This type of questions aims to demonstrate that the candidate is able to solve problems in new situations by applying acquired knowledge, facts, techniques and rules in a different, or new way. The question usually contains a short scenario.
- Bloom level 4: Analyzing – shows that candidates have the ability to break learned information into its parts to understand it. This Bloom level is mainly tested in the Practical Assignments. The Practical Assignments aim to demonstrate that the candidate is able to examine and break information into parts by identifying motives or causes, make inferences and find evidence to support generalizations.
Contact hours (face to face learning)
The minimum number of contact hours for the course is 20. This number includes practical
assignments, exam preparation and short coffee breaks. Not included are: homework, the logistics related to the exam session, the exam session and lunch breaks.
Indication study effort
120 hours, depending on existing knowledge.
Basic knowledge of Information Security is recommended, for instance through the Information Security Foundation based on ISO/IEC 27001 certification.