Information Security Certification Track

Your learning path to becoming a Certified Information Security Officer (CISO)

Our Information Security Certification Track is a four-level certification program tailored for those who would like to start a career in information security and advance to a senior information security or cybersecurity management role.

The program was developed by experienced CISOs based on European laws, regulations and best practices. It has been adopted by large banks and government organisations, and it has trained many talented professionals who are now pursuing a rewarding career in the security industry.

From Foundation to Expert level, the program addresses all the core competencies you need to establish yourself as an information security professional and succeed at the highest levels of information security management. As you evolve through the certification levels, you will gain in-depth knowledge of information security risks and protections, and you will develop the management skills necessary to oversee and guide your organisation’s overall security efforts. Ultimately, you will become a Certified Information Security Officer able to implement and improve an enterprise-wide information security program.

Certification levels

From Foundation to Expert, each certification level comprises a practice-oriented training course and a certification exam.

Each certification exam tests the knowledge and industry-established competencies covered in the corresponding course.

Attending a course is not a prerequisite for taking a certification exam.

Information Security Foundation


Information Security Foundation is an entry-level course designed to provide you with a strong basic knowledge of information security. Following this course, you will understand the fundamental principles of information security management, and you will gain extensive insight into information security threats and protections.

By earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate a high level of information security awareness and an in-depth understanding of information security management terminology, concepts and principles.

Information Security Practitioner

Information Security Practitioner prepares you for the practical implementation of information security management principles and leadership. In this course, you obtain an advanced overview of the human, organisational and technical aspects of information security and ISMS implementation. The course is rich with hands-on assignments that ready you for performing a Security Officer’s tasks.

A SECO-Information Security Practitioner (S-ISP) certificate validates your ability to draft an ISO 27001 implementation plan, to perform an information security risk assessment, to design an information security awareness program, and much more.

Information Security Management Expert

Information Security Management Expert (ISME) was developed for ambitious security professionals who are looking to advance their security career to the executive level. The course equips you with the knowledge and skills you need to develop, implement and govern an information security program and provide security guidance to senior management.

A SECO-Information Security Management Expert Certificate (S-ISME) attests that you possess the strategic management, policy development, planning, financial and supervisory skills you need to become a successful information security leader.


Certified Information Security Officer is a step above Information Security Management Expert. In addition to an excellent understanding of information security management principles and practices, SECO-Certified Information Security Officers (S-CISO title holders) must demonstrate the ability to design, implement and operate an enterprise-wide information security program.

To qualify for a Certified Information Security Officer certificate, you need to have expert knowledge of information security and at least three years of work experience in an information security or cybersecurity role.

If you already have a high-level information security certificate and the required work experience, and you would like to enhance your profile with an internationally recognised credential, you can apply for your S-CISO title here:  [email protected]

The certificate will be awarded upon a thorough assessment of your CV and professional achievements. Professional achievements may include completed information security projects, training activities and publications.

Practice environment


Bicsma is a fictive beverage manufacturer, a unique simulated company environment created by the SECO-Institute to bridge the gap between theory and practice. Bicsma allows us to put our stories in an authentic context, to challenge our students’ problem solving skills, and to enrich our material with appealing images. Bicsma has a website, an intranet, an IT-Security policy, a group of employees with little to no security awareness… and, most importantly, very diverse problems you can solve by employing your knowledge, talent and creativity.