Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.



Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

CISSP Training

Online Instructor-led (5 days)

Online Self-paced (40 hours)

Certified Information Systems Security Professional Course Outline

Domain 1: Security and Risk Management

  • Understand and Apply Security Concepts
  • Evaluate and Apply Security Governance Principles
  • Determine Compliance and Other Requirements
  • Legal and Regulatory Issues that Pertain to Information Security in a Global Context
  • Requirements for Investigation Types
  • Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
  • Identify, Analyse, and Prioritise Business Continuity (BC) Requirements
  • Contribute to and Enforce Personnel Security Policies and Procedures
  • Understand and Apply Risk Management Concepts
  • Understand and Apply Threat Modelling Concepts and Methodologies
  • Apply Supply Chain Risk Management (SCRM) Concepts
  • Establish and Maintain a Security Awareness, Education, and Training Program

Domain 2: Asset Security

  • Identify and Classify Information and Assets
  • Establish Information and Asset Handling Requirements
  • Provision Resources Securely
  • Manage Data Lifecycle
  • Ensure Appropriate Asset Retention
  • Data Security Controls and Compliance Requirements

Domain 3: Security Architecture and Engineering

  • Research, Implement, and Manage Engineering Processes Using Secure Design Principles
  • Fundamental Concepts of Security Models
  • Select Controls Based Upon Systems Security Requirements
  • Security Capabilities of Information Systems
  • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Cryptographic Life Cycle
  • Methods of Cryptanalytic Attacks
  • Apply Security Principles to Site and Facility Design
  • Design Site and Facility Security Controls

Domain 4: Communication and Network Security

  • Implement Secure Design Principles in Network Architectures
  • Secure Network Components
  • Implement Secure Communication Channels According to Design

Domain 5: Identity and Access Management (IAM)

  • Control Physical and Logical Access to Assets
  • Manage Identification and Authentication of People, Devices, and Services
  • Integrate Identity as a Third-Party Service
  • Implement and Manage Authorisation Mechanisms
  • Manage the Identity and Access Provisioning Lifecycle
  • Implement Authentication Systems

Domain 6: Security Assessment and Testing

  • Design and Validate Assessment, Test, and Audit Strategies
  • Conduct Security Control Testing
  • Collect Security Process Data
  • Analyse Test Output and Generate Report
  • Conduct or Facilitate Security Audits

Domain 7: Security Operations

  • Understand and Support Investigations
  • Requirements for Investigation Types
  • Conduct Logging and Monitoring Activities
  • Securely Provisioning Resources
  • Understand and Apply Foundational Security Operations Concepts
  • Apply Resource Protection Techniques
  • Conduct Incident Management
  • Operate and Maintain Detective and Preventative Measures
  • Implement and Support Patch and Vulnerability Management
  • Participate in Change Management Processes
  • Implement Recovery Strategies

Domain 8: Software Development Security

  • Integrate Security in the Software Development Life Cycle (SDLC)
  • Identify and Apply Security Controls in Development Environments
  • Assess the Effectiveness of Software Security
  • Assess Security Impact of Acquired Software
  • Define and Apply Secure Coding Guidelines and Standards

Show moredown

Prerequisites for CISSP Certification Course

There are no formal prerequisites in this Certified Information Systems Security Professional (CISSP) course. However, having prior knowledge of IS Security will be much more beneficial for delegates.

Who should attend this CISSP Certification course?

This Certified Information Systems Security Professional (CISSP) training course is suitable for anyone who wants to gain in-depth knowledge about IS Security. However, this course will be more beneficial for:

  • Chief Information Security Officers
  • Chief Security Officers
  • Senior Security Engineers
  • Security Consultants
  • Security Managers
  • Security Auditors
  • Security Architects
  • Network Architects

Certified Information Systems Security Professional Course Overview

CISSP (Certified Information Systems Security Professional) is an information security certification. It is a vendor-neutral standard to validate the technical skills and knowledge of the IT security professionals for implementing and managing a security program. Information Systems Security (InfoSec) refers to the methodologies and processes associated with saving information private, available, and ensuring its integrity. With great InfoSec, an organisation can reduce their risk of external and internal attacks on information technology systems. Organisations can also guard important data from cyber-attacks, assure business continuity, and give all stakeholders satisfaction by preserving confidential information secure from security threats. This training will help learners add skills to their profile, which will help them climb the ladder of success in terms of value and career opportunities.   

Our 5-day Certified Information Systems Security Professional (CISSP) Training course aims to provide delegates with a comprehensive knowledge of IS Security. During this course, delegates will learn about various essential topics such as managing data lifecycle, cryptographic lifecycle, securing network components, collecting security process data, applying resource protection techniques, and many more. Our highly professional trainer with years of experience in teaching such courses will conduct this training course and will help you get a complete understanding of this course.

This training will also cover the following concepts:

  • Requirements for investigation types
  • Ensure appropriate asset retention
  • Methods of cryptanalytic attacks
  • Integrate identity as a third-party service
  • Analyse test output and generate the report
  • Securely provisioning resources
  • Software development security

At the end of this Certified Information Systems Security Professional (CISSP) Training course, delegates will be able to integrate security in the Software Development Life Cycle (SDLC) effectively. They will also be able to implement secure communication channels properly according to the design.

The Knowledge Academy also provides more such courses, including ISSAP Training & Certification and Chief Information Security Officer Training under CISSP Training that can help you develop essential skills to enhance your career opportunities in this field.

Show moredown

What's included in this CISSP Certification Training Course?

This CISSP course will include: 

  • Exam Pass Guarantee
  • Course Completion Certificate
  • Experienced Instructor
  • Refreshments 


Show moredown

Online Instructor-led (4 days)

Online Self-paced (32 hours)

CISSP-ISSAP Training & Certification Outline

The bulk of the course will consist of reviews of the material from each of the six CISSP-ISSAP domains:

  • Competence of the Six Major Domains of the Information Systems Security Architecture Professional (ISSAP) Concentration
  • Consultative and Analytical Process of Information Security
  • Key Concepts and Requirements
  • The Framework of Architecture and Design
  • The Six Domains of the CISSP-ISSAP CBK
  • Access Control Systems and Methodology
  • Critical Requirements
  • Physical Infrastructure
  • Cryptography
  • Cryptographic Methodologies
  • Communication, Compromise, and Misuse
  • Physical Security Integration
  • Physical Security and Personnel Controls
  • Information Systems Security Model
  • Requirements Analysis and Security Standards
  • Awareness of Threats
  • Identification of the Risks and Values of Data
  • Business Continuity Planning (BCP)
  • Disaster Recovery Planning (DRP)
  • Telecommunications and Network Security

This teaching will be supported by discussion sessions and exercises to help you understand and master the material. There will also be final exam preparation and the chance to try practice questions.

Show moredown

Who should attend this CISSP-ISSAP Training Course?

CISSP-ISSAP is aimed at CISSP holders who wish to demonstrate their knowledge of Systems Security Architecture. It is ideal for:

  • System Architects
  • Chief Technology Officers
  • System and Network Designers
  • Business Analysts
  • Chief Security Officers


The course itself has no prerequisites, but the certification does.
To receive ISSAP certification, you must hold the CISSP certification in good standing and must possess two years cumulative, paid work experience in one or more of the six CISSP-ISSAP domains.

CISSP-ISSAP Training & Certification Overview

This CISSP-ISSAP course is designed as a rigorous preparation for the ISSAP exam. The 4-day course reviews all six practice areas of exam as drawn from the (ISC)² Common Body of Knowledge (CBK), providing a complete revision programme for those wishing to receive ISSAP certification. It also includes knowledge assessments, discussions, exercises, practical questions, and more.

Show moredown

What's included in this CISSP-ISSAP Training Course?

The following is included with this course:

  • The Knowledge Academy's CISSP-ISSAP Training & Certification Manual
  • Experienced Instructor 
  • Completion Certificate
  • Refreshments

CISSP-ISSAP Training & Certification Exam

This course does not include the ISSAP exam; it must be booked separately through Pearson VUE. The exam tests knowledge across the six CISSP-ISSAP domains. It consists of 125 questions and lasts 3 hours. It is marked on a 1000 point scale and the pass mark is 700 out of 1000.


Show moredown

Online Instructor-led (3 days)

Online Self-paced (24 hours)

Chief Information Security Officer Training​ Course Outline

Module 1: Governance and Risk Management

  • Governance
  • Information Security Management Structure
  • Principles of Information Security
  • Risk Management
  • Management and Technical Information Security Elements
  • Compliance
  • Privacy
    • Privacy Impact Assessment
    • Privacy and Security
  • Laws and Regulatory Drivers
  • Standards and Frameworks
    • ISO/IEC 27000 Series
    • ISO/IEC 27001
    • NIST Cybersecurity Framework
    • Federal Information Processing Standards
    • NIST Special Publications
    • Privacy Shield
    • COBIT
  • Information Security Trends and Best Practices
    • Open Web Application Security Project
    • Cloud Security Alliance
    • Centre for Internet Security
  • Information Security Training and Certifications
  • Ethics

Module 2: Information Security Controls, Compliance, and Audit Management

  • Information Security Controls
    • Control Fundamentals
    • Control Frameworks
  • Information Security Control Life Cycle Frameworks
    • NIST Risk Management Framework
    • NIST Cybersecurity Framework
    • ISO/IEC 27000
  • Information Security Control Life Cycle
    • Risk Assessment
    • Design
    • Implementation
    • Assessment
    • Monitoring
  • Exploring Information Security Control Frameworks
  • Auditing for the CISO
    • Audit Management
    • Audit Process
    • Control Self-Assessments
    • Continuous Auditing
    • Specific Types of Audits and Assessments

Module 3: Security Programme Management and Operations

  • Security Programme Management
    • Security Areas of Focus
    • Security Streams of Work
    • Asset Security Management
    • Security Projects
  • Security Programme Budgets, Finance, and Cost Control
    • Establishing the Budget
    • Managing and Monitoring Spending
  • Security Programme Resource Management: Building the Security Team
    • Project Management
    • Project Management Fundamentals
  • Project Management
    • Phases of Project Management
    • Initiating
    • Planning
    • Executing
    • Monitoring and Controlling
    • Closing

Module 4: Information Security Core Competencies

  • Malicious Software and Attacks
    • Malware
    • Scripting and Vulnerability – Specific Attacks
  • Social Engineering
    • Types of Social Engineering Attacks
    • Why Employees Are Susceptible to Social Engineering
    • Social Engineering Defences
  • Asset Security
    • Asset Inventory and Configuration
    • Management
    • Secure Configuration Baselines
    • Vulnerability Management
    • Asset Security Techniques
  • Data Security
    • Data at Rest
    • Data in Transit
    • Data in Use
    • Data Life Cycle
  • Identity and Access Management
    • Identity and Access Management Fundamentals
    • Identity Management Technologies
    • Authentication Factors and Mechanisms
    • Access Control Principles
    • Access Control Models
    • Access Control Administration
    • Identity and Access Management Life Cycle
  • Communication and Network Security
    • WANs and LANs
    • IP Addressing
    • Network Address Translation
    • Network Protocols and Communications
    • Wireless
    • Network Technologies and Defences
  • Cryptography
    • Cryptographic Definitions
    • Cryptographic Services
    • Symmetric, Asymmetric, and Hybrid Cryptosystems
    • Hash Algorithm s
    • Message Authentication Codes
    • Digital Signatures
    • Public Key Infrastructure
  • Cloud Security
    • Cloud Computing Characteristics
    • Cloud Deployment Models
    • Cloud Service Models
    • Cloud Security Risks and Assurance Levels
    • Cloud Security Resources
  • Physical Security
    • Physical Security Threats
    • Physical Security Programme Planning
    • Physical Security Resources
    • Physical Security Controls
    • Physical Security Auditing and Measurement
  • Personnel Security
    • Software Development Security
    • Integrating Security into the SDLC
    • Security SDLC Roles and Responsibilities
    • Software Vulnerabilities
    • Secure Coding Practices
    • Software Vulnerability Analysis and Assessments
  • Forensics, Incident Handling, and Investigations
    • Relevant Law
    • Logging and Monitoring
    • Incident Response and Investigations
    • Forensics and Digital Evidence
  • Security Assessment and Testing
    • Vulnerability Assessments
    • Penetration Testing
    • Regulatory Compliance Assessments
    • Security Programme Assessments
  • Business Continuity and Disaster Recovery
    • Continuity Planning Initiation
    • Business Impact Analysis
    • Identify Preventive Controls
    • Develop Recovery Strategies and Solutions
    • Develop the Plan
    • Test the Plan
    • Maintain the Plan

Module 5: Strategic Planning, Finance, Procurement, and Vendor Management

  • Strategic Planning
    • Organisational Strategic Planning
    • Organisational Strategic Planning Teams
    • Strategic Planning Process
    • Security Strategic Plan
  • Making Security Decisions
  • Financial Management
    • Accounting and Finance Basics
    • Information Security Annual Budget
  • Procurement and Vendor Management
    • Procurement Core Principles and Processes
    • Types of Contracts
    • Scope Agreements
    • Third-Party Vendor Risk Management

Show moredown


In this Chief Information Security Officer (CISO) Training course, there are no formal prerequisites.


This Chief Information Security Officer (CISO) Training is designed for anyone who wants to reach a top-level position in the information security profession. However, this course is more beneficial for Information Security Officers and Digital Security Managers.

Chief Information Security Officer Training​ Course Overview

Chief Information Security Officer (CISO) is a high-rank executive who creates and executes security programmes to assure that organisation's technologies and data are secured from external and internal threats. A CISO (Chief Information Security Officer) can take on various responsibilities and duties depending on the hierarchy, size, industry, and regulations suitable to the organisation. Organisations that have a Chief Information Security Officer realise many benefits like reduced risks and limited liability issues. So, individuals holding great skills, knowledge, and abilities to perform the duties of Chief Information Security Officer are highly in demand by the various multinational organisations.

This 3-day Chief Information Security Officer Training course aims to provide delegates with a comprehensive knowledge of Information Security Officer roles and responsibilities. During this course, delegates will learn about assessing and monitoring information security control life cycle. They will also learn about the information security controls, cryptography, physical security, security SDLC roles and responsibilities, organisational strategic planning, etc. Our highly professional trainer with years of experience in teaching information security courses will conduct this training course and help delegates get a complete understanding of CISO's roles and responsibilities.

This training will also cover the following concepts:

  • Information security management structure
  • Life cycle frameworks of information security control
  • Information security core competencies
  • Identity and access management life cycle
  • Communication and network security
  • Business continuity and disaster recovery
  • Financial management

At the end of this Chief Information Security Officer Training course, delegates will be able to use various principles and structures to manage information security effectively. They will be able to effectively access the management life cycle and deal with clients using different management technologies. They will also be able to use various network security technologies to secure the organisation's data.

Show moredown

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Information Systems Security Management Training Course Outline

Module 1: Information Systems

  • Introduction to Information Systems
  • Components
  • Types
  • Acquiring Information Systems and Services
  • Managing Information Systems
  • Information Systems Security and Control
  • Impacts of Information Security Systems

Module 2: Information Security

  • What is Information Security?
  • Need
  • Information Security Triad
  • Threats
  • Active and Passive Attacks
  • Password Security
  • Virtual Private Networks
  • Personal Information Security

Module 3: Information Security Types

  • Application Security
  • Infrastructure Security
  • Cloud Security
  • Cryptography
  • Incident Response
  • Vulnerability Management
  • Disaster Recovery

Module 4: Major Challenges to Information Systems Security

  • Networked Systems
  • Asymmetry Between Defence and Offense
  • Ease-Of-Use Compromises
  • Perimeter Defence
  • Use of Cots Components
  • Threats Posed by Insiders
  • Passive Defence

Module 5: Common Information Security Risks

  • Social Engineering Attacks
  • Advanced Persistent Threats (APT)
  • Insider Threats
  • Cryptojacking
  • Distributed Denial of Service (DDoS)
  • Ransomware
  • Man-in-the-Middle (MitM) Attacks

Module 6: Information Security Technologies

  • Firewalls
  • Security Incident and Event Management (SIEM)
  • Data Loss Prevention (DLP)
  • Intrusion Detection System (IPS)
  • User Behavioural Analytics (UBA)
  • Blockchain Cybersecurity
  • Endpoint Detection and Response (EDR)
  • Cloud Security Posture Management (CSPM)

Show moredown


There are no formal prerequisites for attending this Information Systems Security Management Training.


This training is intended for everyone who wants to gain comprehensive knowledge of the practices to secure information over the internet.

Information Systems Security Management Training Course Overview

Information systems are a collection of interrelated components that work together to gather, analyse, store, and distribute information to aid organisational visualisation, collaboration, decision-making, and analysis. The main purpose of this training is to safeguard information, discover or correct security flaws, and document such incidents. Obtaining knowledge in this training will assist aspiring candidates with the methods to mitigate risks associated with information systems, significant challenges faced while managing those systems, and common security risks that can harm confidential data. Individuals with technical expertise and management skills will get high-profile designations with upgraded earnings.

This 1-day Information Systems Security Management Training course provides delegates with comprehensive knowledge of information systems and how to secure them. During this training, delegates will learn about cloud security to secure the data stored in the cloud. They will also learn about the cryptography methodology used to secure information through codes. Our highly skilled and professional trainer, with years of teaching experience, will conduct this training through their unique teaching methods.

Course Objectives

  • To prevent unauthorised access and destruction of the information
  • To maintain accuracy and completeness of the data through integrity
  • To verify the user for the input arriving at the destination from a trusted source
  • To trace the actions of an entity uniquely to that entity through accountability
  • To encrypt connection over the internet from a device to a network
  • To access a safe and secure way to connect users and devices remotely

At the end of this training course, delegates will be able to manage risks and ensure compliance with the information security policies. They will also be able to convert original text and information into code to encrypt it from intruders.

Show moredown

  • Delegate pack consisting of course notes and exercises
  • Courseware
  • Experienced Instructor


Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on +44 1344 203999 or Enquire.

Package deals

Our training experts have compiled a range of course packages to compliment a variety of categories in order to help fast track your career. The packages consist of the best possible qualifications in each industry and allows you to purchase multiple courses at a discounted rate.

Swipe for more. Don’t miss out!

CISSP Training FAQs


We offer CISSP training courses in locations all over the UK, as well as abroad. We make it easy to find a training venue near you!
No, this CISSP training course does not include the exam. The exam will have to be booked separately through (ISC)2.
Yes. Once you pass the CISSP exam, you become an associate of (ISC)2, then you will have up to six years to gain the relevant experience needed to officially become a CISSP.
An (ISC)2 CISSP certification is valid for three years in total. It is possible to retake the course and exam, or you can earn and submit 120 Continuing Professional Education credits (CPEs) during the three years.
CPE credits are earned by participating in Continuing Professional Education activities. To maintain certifications, you can earn and submit the minimum number of credits required to maintain your certification. The minimum number of CPE credits required to maintain the validity of a CISSP certification is 120 over three years.
Please see our CISSP Training courses available in Philippines
The Knowledge Academy is the Leading global training provider for CISSP Training.
The price for CISSP Training certification in Philippines starts from $.

Why we're the go to training provider for you


Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.


Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS


Many delivery methods

Flexible delivery methods are available depending on your learning style.


High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo