You must login / register an account before enrolling in a free course or purshasing a premium course.
Course Description
**Note: This course has been superseded by different options and restructured courses for executives. This course still remains perfectly valid, and our blog post explains what we have done. You can also click here for details of new courses to find the most appropriate one for you. You can still access this course with a valid User License**
Executives working in UK commercial and third sector companies of any size need to be aware of the requirements for information security. They also need to be aware of the context of their role and the roles of others in defining and implementing company policies and processes, and in some cases implementing management systems for meeting the requirements of standards which the company may be certified against. Information security is increasingly becoming critically important and good practices will ultimately benefit the company and its customers.
This course delivers an overview and awareness of key topics for executives enabling them to undertand the requirements and best practice activities for consideration in the context of their business. The key topics covered include those referenced in best practices guidance as set out in the National Cyber Security Centre (NCSC) and standards such as Cyber Essentials and ISO 27001 as well as references to related laws.
Who is the course for?
The course should be taken by executives and senior managers who are ultimately responsible for information security. This course is not intended for public sector or government organisations where special rules apply.
What training pre requisites are there for taking the course?
There are no training pre requisites. The training is best used when the organisation has established policies with regard to information security.
What level of knowledge is required?
No specific specialist information security knowledge is required. It is assumed that all executives have a good knowledge of the business in order to be able to consider the context of the training content with their own organisation.
What knowledge will be gained after taking the course
This particular course is not intended to provide training to be able to implement information security management systems, but will provide the executive with the following:
- Awareness and understanding of Information Security terms, concepts and frameworks
- Awareness and general understanding of the principles and objectives of information security.
- Awareness of the Law
- Awareness of governance best practices
- Awareness of core topics including Remote working, mobile devices, passwords, social engineering, phishing, malware, use of social media, physical security
- Awareness of roles and responsibilities to be delegated including Training, Identity and Access management, privilege access, patching, secure configuration, change management, backup, asset management, network security, operations and IT security
- Awareness of Risk management and controls
- Awareness of frameworks including NCSC Best practices, Cyber Essentials and ISO27001
- Awareness of incident management and reporting
- Awareness of Information security relating to business continuity management