Course Description
This non technical course delivers a rapid overview and awareness of key topics related to information security, including concepts, business challenges, business benefits, and related security standards and frameworks. All general executives are ultimately collectively responsible for information security and should complete this course, as part of developing a positive cyber security culture.
Executives working in UK commercial and third sector companies of any size need to be aware of the requirements for information security. They also need to be aware of the context of their role and the roles of others in defining and implementing company policies and processes, and in some cases implementing management systems for meeting the requirements of standards which the company may be certified against. Information security is increasingly becoming critically important and good practices will ultimately benefit the company and its customers. This course delivers an overview and awareness of key topics for executives enabling them to understand the requirements and best practice activities for consideration in the context of their business. The key topics covered include those referenced in best practices guidance as set out in the National Cyber Security Centre (NCSC) and standards such as Cyber Essentials and ISO 27001 as well as references to related laws.
Who is the course for?
This course should be taken by all general executives and senior managers who need a very high level of awareness and rapid introduction to the subject which should enable them to engage effectively with another executive or senior manager to whom specific responsibilities have been assigned and who then reports directly into the board on matters of information security.
If you are a business owner or an executive / senior manager tasked with day to day operational accountability for cyber security, or indeed wish to attain a greater level of awareness of the practical considerations and best practices for businesses then please see this course IS03- Information Security Awareness for Accountable Executives
This course is not intended for public sector or government organisations where special rules apply.
What training pre requisites are there for taking the course?
There are no training pre requisites. The training is best used when the organisation has established policies with regard to information security.
What level of knowledge is required?
No specific specialist knowledge is required. It is assumed that all employees have undertaken a company induction as it would be advantageous for the student to be aware of the location of and have access to company-specific policies, processes, and procedures.
What knowledge will be gained after taking the course
This particular course is not intended to provide training to be able to implement information security management systems, but will provide the executive with the following:
-
- Awareness of Information Security principles and Objectives
- Awareness of the Law
- Awareness of the challenges and benefits of cyber security
- Awareness of roles, responsibilities and benefits of a positive cyber security culture
- Awareness of Baseline best practices and common threats
- Awareness of Regulatory compliance requirements
- Awareness of Frameworks and certification options