Information Security and IT Governance training has become a priority in recent years as organisations need to build the skills to deal with compliance and performance issues. With information at the heart of the modern economy, Information Security and IT Governance are topics for all business managers - not just CIOs. The positive news is that in a recent survey 75% of organisations have adopted at least one recognised governance framework such as COBIT, ITIL or ISO27001.
Our IT Governance and Information Security training courses are available in London, Aberdeen, Bedford, Birmingham, Cambridge, Manchester, Leeds, Glasgow, Warwick & 20 UK cities. As well as the most comprehensive schedule of courses aligned to international certifications, Focus offers introductory security courses, and specialist training in areas such as Cloud computing, and Malware. Cloud security training includes the CCSK course from the Cloud Security Alliance.
A thorough, practical, 5-day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes.
Explore Security and Governance Courses by Type
(ISC)² Training Courses
The International Information Systems Security Certification Consortium, (ISC)², is a global leader in educating and certifying information security professionals throughout their careers. ISC2 training courses help candidates prepare for well-recognised certifications such as CISSP and CSSLP.
BCS Security-Data-Green Courses
Information risk, security and compliance training courses are essential for organisations wishing to operate within the latest data protection, information security and freedom of information legislation. There is a popular set of courses accredited by the professional examination arm of the British Computer Society (BCS). They will ensure that you meet statutory requirements, protect your organisation and operate efficiently. Each course leads to a well-recognised certification, with popular options including:
- BCS-ISEB Data Protection Certificate
- BCS-ISEB Freedom of Information
- BCS-ISEB Information Security Management Principles (CISMP)
Business Continuity Training Courses
Business continuity training courses from Focus include those accredited by the Business Continuity Institute (BCI) and the ISEB (British Computer Society).
The art of Business Continuity Management is to be prepared - and this requires systematic programmes to anticipate potential incidents and plan avoidance and mitigation actions. Business continuity professionals will benefit from training courses which embody best practice approaches adopted by many leading organisations.
EC Council Training Courses
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various information security and e-business skills. EC-Council has itself been certified by the American National Standards Institute to meet its ANSI 17024 standard. It is the owner and creator of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT). Over 120,000 individuals have attended EC Council information security courses. More than 50,000 security professionals hold EC Council certifications.
ISACA Training Courses
ISACA information security training courses include CISA and CISM. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves. ISACA boasts 100,000 members in more than 180 countries. It embraces those in a variety of professional IT-related positions including IS auditor, consultant, IS security professional, regulator, chief information officer and internal auditor.
A highly regarded training and certification scheme lies at the heart of ISACA's activities. Its Certified Information Systems Auditor (CISA) certification is recognised globally and has been earned by more than 88,000 professionals. The Certified Information Security Manager (CISM) certification uniquely targets the information security management audience and has been earned by more than 17,000 professionals.
ISO20000 Training Courses
ISO20000 training courses provide the skills needed to implement, audit and maintain these internationally recognised standards for information and information security systems. As well as developing the skills of individuals, good corporate governance of an organisation is often achieved and demonstrated through achievement of widely recognised ISO and BSI quality accreditations.
ISO20000 is the international standard which has been developed from BS15000. It is a powerful indicator of an organisation which has adopted a structured and professional approach to all aspects of its information systems. Many of the underlying disciplines are firmly rooted in ITIL best practice. For individual skill sets which underpin ISO20000 explore our comprehensive range of ITIL training courses.
ISO27001 Training Courses
ISO27001 displaces BS7799-2, making it the new international standard for an Information Security Management System. It provides a framework which can help ensure compliance with the various UK and international regulations including the Copyright, Designs and Patents Act 1988, the Computer Misuse Act 1990, the Telecommunications Regulations 1998, the Data Protection Act 1998, the Human Rights Act 1998, the Regulation of Investigatory Powers Act 2000, the Freedom of Information Act 2000 and the 2002 OECD Information Security Guidelines.
Training courses are available for those responsible for implementing or auditing an ISO27001 compliant organisation, or just working within one.
IT Governance & COBIT Training Courses
Focus offers training which aligns with leading international standards such as COBIT, Basel III and Sarbanes-Oxley. Both COBIT and CGEIT focus on the governance issues associated with enterprise IT.
COBIT courses provide an understanding of this widely adopted framework. COBIT is maintained by ISACA. It provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise information and technology.
The CGEIT course is designed to enable candidates to understand the roles, responsibilities and various focus areas of IT governance. The course is aimed at IT and business professionals who hold substantial positions in management, advisory or assurance related to the governance of enterprise IT. The Certified in the Governance of Enterprise IT (CGEIT) certification promotes the advancement of professionals who wish to be recognized for their IT governance-related experience and knowledge.
Frequently Asked Questions
Corporate governance is one of the most topical areas of business management. Its relevance goes far beyond high profile cases such as Enron, Parmalat and BP. Organisations large and small are recognising the customer, shareholder and legal ramifications of weak leadership when it comes to clarity of core policies, well defined decision making processes, transparency and accountability.
With the prominent role of IT and knowledge management within many organisations, IT governance becomes a key subset. IT Governance is a framework for the leadership, organisational structures and business processes, standards and compliance with these standards, which ensure that the organisation’s IT supports and enables the achievement of its corporate strategies and objectives.
Central components are Information Security and Legal Compliance, but topics also include Business Continuity, Service Level Management, Knowledge Management, Project Governance and Risk Management. The latest version of ITIL reflects the central contribution of IT Governance with more emphasis on integration of IT with the rest of the business - rather than just alignment.
There is a bewildering array of Information Security qualifications.
They range from those which take a more managerial approach to the topic (e.g. CISM) to those which are hands-on and technical (e.g. Certified Ethical Hacker).
For more information download our guide to Information Security Training & Certification. It's free.
Its Certified Information Systems Auditor (CISA) certification is recognised globally and has been earned by more than 50,000 professionals since inception.
The Certified Information Security Manager (CISM) certification targets the information security management audience and has been earned by more than 6,500 professionals.
Most provisions of the Act relate to accounting standards, financial controls and transparency.
The impact on IT systems is largely indirect. The Act has heightened focus on data security and integrity. Controls for financial processes have been tightened and this has resulted in increased use of IT oriented standards such as COBIT and ITIL to assure compliance.
There is now a raft of legislation which touches upon data protection and information security for organisations in the UK. This legislation includes:
- The Human Rights Act 1998
- The Copyright, Designs and Patents Act 1988
- The Computer Misuse Act 1990
- The Telecommunications Regulations 1998 (Data Protection and Privacy)
- The Data Protection Act 1998
- The Regulation of Investigatory Powers Act 2000
- The Freedom of Information Act 2000.
A rigorous framework such as ISO 27001 can help ensure compliance.
Along with ITIL and ISO27001, COBIT is a leading international codification of best practice with regard to IT Governance.
COBIT, or Control Objectives for Information and related Technology, now in version 4.0, was developed by America's IT Governance Institute. COBIT is increasingly accepted as good practice for control over information, IT and related risks. Its guidance helps organisations implement effective governance over enterprise-wide IT. In particular, COBIT's Management Guidelines component contains a framework for the control and measurability of IT by providing tools to assess and measure the enterprise’s IT capability for the 34 identified COBIT processes.
ISO/IEC 27001 is an information security management system (ISMS) standard published in October 2005 by the International Organisation for Standardisation and the International Electrotechnical Commission. Its full name is ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements, but it is commonly known as ISO 27001.
It is intended to be used in conjunction with ISO 17799, the Code of Practice for Information Security Management, which lists security control objectives and recommends a range of specific security controls. Organisations that implement an ISMS in accordance with the best practice advice in ISO 17799 are likely simultaneously to meet the requirements of ISO 27001, but certification is entirely optional.
ISO 27001 was based upon and replaced BS 7799 part 2, which was withdrawn. ISO 27001 is the first in a family of international information security standards that will underpin and protect IT worldwide over the next decade. ISO27001 is designed to harmonise with ISO9001:2000 and ISO14001:1996 so that management systems can be effectively integrated. It implements the Plan-Do-Check-Act (PDCA) model and reflects the principles of the 2002 OECD guidance on the security of information systems and networks.
The International Information Systems Security Certification Consortium (ISC2) is a US not-for-profit organisation which aims to set the globally recognised Gold Standard for certifying information security professionals throughout their careers. They have certified over 50,000 information security professionals in more than 120 countries. The six ISC2 qualifications are:
- CISSP - Certified Information Systems Security Professional
- ISSAP - Information Systems Security Architecture Professional
- ISSMP - Information Systems Security Management Professional
- ISSEP - Information Systems Security Engineering Professional
- CAP - Certification and Accreditation Professional
- SSCP - Systems Security Certified Practitioner
We are specialist providers of Project Management, Business Analysis and IT training. We work alongside expert trainers to ensure our scheduled public courses and in-house training provision are of a consistently high standard.
Focus customers include Cambridgeshire Fire & Rescue, East Sussex County Council, Leeds City Council and RNIB.
As well as instructor-led classroom courses, we also offer online courses and in-house Information Security training. Information Security onsite training is a convenient and cost-effective study method for organisations looking to train a group of delegates.
Our online Information Security courses let you study in your own time and are usually the least expensive study option.
We have an extensive range of courses suitable for business, IT and project professionals. This includes training in the areas of Prince2, MSP, APM, ITIL, Business Analysis, Microsoft Project and Software Testing.
Our most popular courses include Prince2 Foundation & Practitioner, MSP Practitioner, ITIL Foundation and ISTQB Software Testing Foundation. Contact a member of our sales team today to discuss your requirements.