close

close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

close

close

Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

CISSP Training

Online Instructor-led (5 days)

Classroom (5 days)

Online Self-paced (40 hours)

Certified Information Systems Security Professional Course Outline

The following subjects will be taught during this five-day CISSP course:

Security and Risk Management:

  • Confidentiality, Integrity, and Availability Concepts
  • Security Governance Principles
  • Compliance
  • Legal and Regulatory Issues
  • Professional Ethics
  • Security Policies, Standards, Procedures, and Guidelines

Asset Security:

  • Information and Asset Classification
  • Ownership
  • Protect Privacy
  • Appropriate Retention
  • Data Security Controls
  • Handling Requirements

Security Architecture and Engineering:

  • Engineering Processes using Secure Design Principles
  • Security Models Fundamental Concepts
  • Security Evaluation Models
  • Security Capabilities of Information Systems
  • Security Architectures, Designs, and Solution Elements Vulnerabilities
  • Web-based Systems Vulnerabilities
  • Mobile Systems Vulnerabilities
  • Embedded Devices and Cyber-Physical Systems Vulnerabilities
  • Cryptography
  • Site and Facility Design Secure Principles
  • Physical Security

Communication and Network Security:

  • Secure Network Architecture Design
  • Secure Network Components
  • Secure Communication Channels
  • Network Attacks

Identity and Access Management (IAM):

  • Physical and Logical Assets Control
  • Identification and Authentication of People and Devices
  • Identity as a Service
  • Third-party Identity Services
  • Access Control Attacks
  • Identity and Access Provisioning Lifecycle

Security Assessment and Testing:

  • Assessment and Test Strategies
  • Security Process Data
  • Security Control Testing
  • Test Outputs
  • Security Architectures Vulnerabilities

Security Operations:

  • Investigations Support and Requirements
  • Logging and Monitoring Activities
  • Provisioning of Resources
  • Foundational Security Operations Concepts
  • Resource Protection Techniques
  • Incident Management
  • Preventative Measures
  • Patch and Vulnerability Management
  • Change Management Processes
  • Recovery Strategies
  • Disaster Recovery Processes and Plans
  • Business Continuity Planning and Exercises
  • Physical Security
  • Personnel Safety Concerns

Software Development Security:

  • Security in the Software Development Lifecycle
  • Development Environment Security Controls
  • Software Security Effectiveness
  • Acquired Software Security Impact

Delegates should purchase the following book which will be used during the course: The Official (ISC)2 Guide to the CISSP CBK Reference, 5th Edition, by John Warsinske.

It might also prove useful to briefly read over some of this guide prior to starting the course to supplement your learning and prepare you for your CISSP training.

Show moredown

Who Should Attend this CISSP Training Course?

This CISSP training course is suitable for mid- and senior-level managers who are working towards or have already achieved a position such as:

  • Chief Information Security Officer (CISO)
  • Chief Security Officer (CSO)
  • Senior Security Engineer
  • Security Consultant
  • Security Manager
  • Security Auditor
  • Security Architect
  • Network Architect

Prerequisites

No prior certifications are required, but delegates will thrive if they possess experience or knowledge of IS Security

Certified Information Systems Security Professional Course Overview

Our Certified Information Systems Security Professional (CISSP) training course aims to supply delegates with a theory-based approach to learning the Information Systems security process and how to apply this process to real-life scenarios. The course is based around teaching the eight fundamental domains of Information Security, which provide delegates with all the information they require to obtain a broad understanding of Information Security and pass the CISSP exam.

The CISSP certification is globally recognised as the best Information Systems Security certification for Security Professionals. Our trainers use a theory-based training strategy, allowing for a clear explanation of CISSP terminology and methodology.

Show moredown

What's included in this CISSP Training Course?

This CISSP course will include: 

  • Exam Pass Guarantee
  • Certificate
  • Experienced Instructor
  • Refreshments 

The following book is required for this training course: The Official (ISC)² Guide to the CISSP CBK Reference, 5th Edition, by John Warsinske, however, this book is not included with the course fee and will need to be purchased separately.

Show moredown

Online Instructor-led (4 days)

Classroom (4 days)

Online Self-paced (32 hours)

CISSP-ISSAP Training & Certification Outline

The bulk of the course will consist of reviews of the material from each of the six CISSP-ISSAP domains:

  • Competence of the Six Major Domains of the Information Systems Security Architecture Professional (ISSAP) Concentration
  • Consultative and Analytical Process of Information Security
  • Key Concepts and Requirements
  • The Framework of Architecture and Design
  • The Six Domains of the CISSP-ISSAP CBK
  • Access Control Systems and Methodology
  • Critical Requirements
  • Physical Infrastructure
  • Cryptography
  • Cryptographic Methodologies
  • Communication, Compromise, and Misuse
  • Physical Security Integration
  • Physical Security and Personnel Controls
  • Information Systems Security Model
  • Requirements Analysis and Security Standards
  • Awareness of Threats
  • Identification of the Risks and Values of Data
  • Business Continuity Planning (BCP)
  • Disaster Recovery Planning (DRP)
  • Telecommunications and Network Security
 

This teaching will be supported by discussion sessions and exercises to help you understand and master the material. There will also be final exam preparation and the chance to try practice questions.

Show moredown

Who should attend this CISSP-ISSAP Training Course?

CISSP-ISSAP is aimed at CISSP holders who wish to demonstrate their knowledge of Systems Security Architecture. It is ideal for:

  • System Architects
  • Chief Technology Officers
  • System and Network Designers
  • Business Analysts
  • Chief Security Officers

Prerequisites

The course itself has no prerequisites, but the certification does.
To receive CISSP-ISSAP certification, you must hold the CISSP certification in good standing and must possess two years cumulative, paid work experience in one or more of the six CISSP-ISSAP domains.

CISSP-ISSAP Training & Certification Overview

This CISSP-ISSAP course is designed as a rigorous preparation for the CISSP-ISSAP exam. The 4-day course reviews all six practice areas of exam as drawn from the (ISC)² Common Body of Knowledge (CBK), providing a complete revision programme for those wishing to receive ISSAP certification. It also includes knowledge assessments, discussions, exercises, practical questions, and more.

Show moredown

What's included in this CISSP-ISSAP Training Course?

The following is included with this training course:

  • The Knowledge Academy's CISSP-ISSAP Training & Certification Manual
  • Experienced Instructor 
  • Completion Certificate
  • Refreshments

CISSP-ISSAP Training & Certification Exam

This course does not include the CISSP-ISSAP exam; it must be booked separately through Pearson VUE. The exam tests knowledge across the six CISSP-ISSAP domains. It consists of 125 questions and lasts 3 hours. It is marked on a 1000 point scale and the pass mark is 700 out of 1000.

 

Show moredown

Online Instructor-led (3 days)

Classroom (3 days)

Online Self-paced (24 hours)

Chief Information Security Officer Training​ Course Outline

Module 1: Governance and Risk Management

  • Governance
  • Information Security Management Structure
  • Principles of Information Security
  • Risk Management
  • Management and Technical Information Security Elements
  • Compliance
  • Privacy
    • Privacy Impact Assessment
    • Privacy and Security
  • Laws and Regulatory Drivers
  • Standards and Frameworks
    • ISO/IEC 27000 Series
    • ISO/IEC 27001
    • NIST Cybersecurity Framework
    • Federal Information Processing Standards
    • NIST Special Publications
    • Privacy Shield
    • COBIT
  • Information Security Trends and Best Practices
    • Open Web Application Security Project
    • Cloud Security Alliance
    • Centre for Internet Security
  • Information Security Training and Certifications
  • Ethics

Module 2: Information Security Controls, Compliance, and Audit Management

  • Information Security Controls
    • Control Fundamentals
    • Control Frameworks
  • Information Security Control Life Cycle Frameworks
    • NIST Risk Management Framework
    • NIST Cybersecurity Framework
    • ISO/IEC 27000
  • Information Security Control Life Cycle
    • Risk Assessment
    • Design
    • Implementation
    • Assessment
    • Monitoring
  • Exploring Information Security Control Frameworks
  • Auditing for the CISO
    • Audit Management
    • Audit Process
    • Control Self-Assessments
    • Continuous Auditing
    • Specific Types of Audits and Assessments

Module 3: Security Programme Management and Operations

  • Security Programme Management
    • Security Areas of Focus
    • Security Streams of Work
    • Asset Security Management
    • Security Projects
  • Security Programme Budgets, Finance, and Cost Control
    • Establishing the Budget
    • Managing and Monitoring Spending
  • Security Programme Resource Management: Building the Security Team
    • Project Management
    • Project Management Fundamentals
  • Project Management
    • Phases of Project Management
    • Initiating
    • Planning
    • Executing
    • Monitoring and Controlling
    • Closing

Module 4: Information Security Core Competencies

  • Malicious Software and Attacks
    • Malware
    • Scripting and Vulnerability – Specific Attacks
  • Social Engineering
    • Types of Social Engineering Attacks
    • Why Employees Are Susceptible to Social Engineering
    • Social Engineering Defences
  • Asset Security
    • Asset Inventory and Configuration
    • Management
    • Secure Configuration Baselines
    • Vulnerability Management
    • Asset Security Techniques
  • Data Security
    • Data at Rest
    • Data in Transit
    • Data in Use
    • Data Life Cycle
  • Identity and Access Management
    • Identity and Access Management Fundamentals
    • Identity Management Technologies
    • Authentication Factors and Mechanisms
    • Access Control Principles
    • Access Control Models
    • Access Control Administration
    • Identity and Access Management Life Cycle
  • Communication and Network Security
    • WANs and LANs
    • IP Addressing
    • Network Address Translation
    • Network Protocols and Communications
    • Wireless
    • Network Technologies and Defences
  • Cryptography
    • Cryptographic Definitions
    • Cryptographic Services
    • Symmetric, Asymmetric, and Hybrid Cryptosystems
    • Hash Algorithm s
    • Message Authentication Codes
    • Digital Signatures
    • Public Key Infrastructure
  • Cloud Security
    • Cloud Computing Characteristics
    • Cloud Deployment Models
    • Cloud Service Models
    • Cloud Security Risks and Assurance Levels
    • Cloud Security Resources
  • Physical Security
    • Physical Security Threats
    • Physical Security Programme Planning
    • Physical Security Resources
    • Physical Security Controls
    • Physical Security Auditing and Measurement
  • Personnel Security
    • Software Development Security
    • Integrating Security into the SDLC
    • Security SDLC Roles and Responsibilities
    • Software Vulnerabilities
    • Secure Coding Practices
    • Software Vulnerability Analysis and Assessments
  • Forensics, Incident Handling, and Investigations
    • Relevant Law
    • Logging and Monitoring
    • Incident Response and Investigations
    • Forensics and Digital Evidence
  • Security Assessment and Testing
    • Vulnerability Assessments
    • Penetration Testing
    • Regulatory Compliance Assessments
    • Security Programme Assessments
  • Business Continuity and Disaster Recovery
    • Continuity Planning Initiation
    • Business Impact Analysis
    • Identify Preventive Controls
    • Develop Recovery Strategies and Solutions
    • Develop the Plan
    • Test the Plan
    • Maintain the Plan

Module 5: Strategic Planning, Finance, Procurement, and Vendor Management

  • Strategic Planning
    • Organisational Strategic Planning
    • Organisational Strategic Planning Teams
    • Strategic Planning Process
    • Security Strategic Plan
  • Making Security Decisions
  • Financial Management
    • Accounting and Finance Basics
    • Information Security Annual Budget
  • Procurement and Vendor Management
    • Procurement Core Principles and Processes
    • Types of Contracts
    • Scope Agreements
    • Third-Party Vendor Risk Management

Show moredown

Prerequisites

In this Chief Information Security Officer (CISO) Training course, there are no formal prerequisites.

Audience

This Chief Information Security Officer (CISO) Training is designed for anyone who wants to reach a top-level position in the information security profession. However, this course is more beneficial for Information Security Officers and Digital Security Managers.

Chief Information Security Officer Training​ Course Overview

Chief Information Security Officer (CISO) is a high-rank executive who creates and executes security programmes to assure that organisation's technologies and data are secured from external and internal threats. A CISO (Chief Information Security Officer) can take on various responsibilities and duties depending on the hierarchy, size, industry, and regulations suitable to the organisation. Organisations that have a Chief Information Security Officer realise many benefits like reduced risks and limited liability issues. So, individuals holding great skills, knowledge, and abilities to perform the duties of Chief Information Security Officer are highly in demand by the various multinational organisations.

This 3-day Chief Information Security Officer Training course aims to provide delegates with a comprehensive knowledge of Information Security Officer roles and responsibilities. During this course, delegates will learn about assessing and monitoring information security control life cycle. They will also learn about the information security controls, cryptography, physical security, security SDLC roles and responsibilities, organisational strategic planning, etc. Our highly professional trainer with years of experience in teaching information security courses will conduct this training course and help delegates get a complete understanding of CISO's roles and responsibilities.

This training will also cover the following concepts:

  • Information security management structure
  • Life cycle frameworks of information security control
  • Information security core competencies
  • Identity and access management life cycle
  • Communication and network security
  • Business continuity and disaster recovery
  • Financial management

At the end of this Chief Information Security Officer Training course, delegates will be able to use various principles and structures to manage information security effectively. They will be able to effectively access the management life cycle and deal with clients using different management technologies. They will also be able to use various network security technologies to secure the organisation's data.

Show moredown

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on 01344 203999 or Enquire.

Package deals

Our training experts have compiled a range of course packages to compliment a variety of categories in order to help fast track your career. The packages consist of the best possible qualifications in each industry and allows you to purchase multiple courses at a discounted rate.

Swipe for more. Don’t miss out!

What our customers are saying

Frequently asked questions

FAQ's

We offer CISSP training courses in locations all over the UK, as well as abroad. We make it easy to find a training venue near you!
No, this CISSP training course does not include the exam. The exam will have to be booked separately through (ISC)2.
Yes. Once you pass the CISSP exam, you become an associate of (ISC)2, then you will have up to six years to gain the relevant experience needed to officially become a CISSP.
An (ISC)2 CISSP certification is valid for three years in total. It is possible to retake the course and exam, or you can earn and submit 120 Continuing Professional Education credits (CPEs) during the three years.
CPE credits are earned by participating in Continuing Professional Education activities. To maintain certifications, you can earn and submit the minimum number of credits required to maintain your certification. The minimum number of CPE credits required to maintain the validity of a CISSP certification is 120 over three years.
Please see our CISSP Training courses available in the United Kingdom
The Knowledge Academy is the Leading global training provider in the world for CISSP Training.
The price for CISSP Training certification in the United Kingdom starts from £.

Why we're the go to training provider for you

icon

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

icon

Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS

icon

Many delivery methods

Flexible delivery methods are available depending on your learning style.

icon

High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo
Shell Logo

"...the trainer for this course was excellent. I would definitely recommend (and already have) this course to others."

Diane Gray, Shell