S-ISFInformation Security Foundation certification
About the course
Information Security Foundation (ISF) provides you with a comprehensive introduction to information security management. The course covers a wide range of topics, from fundamental security concepts and terminology to effective information security controls.
During the course, you will familiarise yourself with ISO 27001, the most widely used information security standard that provides requirements for implementing and continually improving an information security management system (ISMS). You will understand what focus areas information security needs to address to ensure appropriate protection against information security threats. With the help of ISO 27001 and its supporting code of practice, ISO 27002, you will gain insight into commonly accepted information security controls. At the end of the course, you will communicate with confidence about information security topics. You will have a good understanding of information security risks, and you will be able to link them with best-practice physical, organisational and technical information security measures.
ISF gives you a solid grounding in information security management principles. The knowledge you build up in this course enables you to follow our Practitioner training and try your hand at complex implementation tasks, such as performing an information security risk assessment and designing an information security awareness program.
- Learn how to use ISO 27001 and 27002 to build an information security management system (ISMS);
- Get an in-depth overview of information security threats and controls with insights from real-world security experts;
- Prepare for your certification assessment with a free sample exam.
This is an entry-level course. No previous knowledge or experience is required.
The course is suitable for absolute beginners with a basic knowledge of computers and technology. If you already have a good understanding of information security management principles and you are interested in practicing a Security Officer’s tasks, we advise you to register for the Practitioner level.
About the certificate
Core information security skills you will validate with your SECO-ISF (S-ISF) certificate
Information Security Foundation equips you with the knowledge and skills you need to lay the foundations of your security education and career.
By passing the ISF certification exam and earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate your ability to
- Adopt a holistic approach to information security;
- Understand fundamental security and risk management concepts;
- Understand quality improvement cycles and their importance for management systems;
- Understand and apply the main objectives of information security (confidentiality, integrity and availability or ‘the CIA triad’);
- Understand the importance and scope of influence of information security;
- Understand the importance of effective information security governance;
- Understand information security roles and responsibilities;
- Describe common information security threats and identify effective preventive, detective, repressive and corrective countermeasures;
- Describe best-practice physical, technical and organisational security measures;
- Grasp the basics of information security incident management;
- Understand the relationship between information security and business continuity management;
- Understand legal and regulatory requirements relevant to information security.
What are the benefits of an S-ISF certificate?
In a world where information is key to any successful business, demonstrable information security awareness and knowledge can considerably improve your career prospects.
If you have a general IT background and you would like to transition to information security management, S-ISF is a sure way to set yourself on the path. The certification validates your ability to approach information security from an executive management point of view, and provides you with a sufficient basis for following more advanced security management trainings. Depending on your interests and background, S-ISF may be your first step towards a career as an information security manager, a cybersecurity consultant, or an information risk manager.
If you work with information in any other field, ISF is an excellent means to give yourself a competitive advantage over your fellow professionals and improve your career prospects. With cyberattacks and data breaches becoming more frequent, employers attach greater importance to their employees’ information security awareness. An ISF certificate demonstrates to potential employers that you have a responsible attitude to information security.
Who should certify?
S-ISF is intended for all those who have a general interest in protecting systems and networks against information security threats and raising security awareness across their organisation.
The course and the certificate are ideal for you, if
- You are a system or network administrator, programmer or security analyst with ambitions to start a career in information security or cybersecurity management;
- You would like to enhance your value to employers by demonstrating a high degree of security awareness;
- You are a start-up founder or an SME owner, and you wish to remain competitive in a digital ecosystem.
How to prepare for the certification exam?
You can prepare for your certification exam by taking a course or by self-study.
We offer classroom training through our accredited education partners. To find a course in your country, visit the Get Trained page.
If you prefer to prepare by self-study, make sure that you fully understand the requirements before you book your exam. Download the exam syllabus and the sample exam to familiarise yourself with the structure and topic areas of the certification exam.
How to book a certification exam?
You can take your certification exam at an accredited exam centre or online.
For more information on the exam, please refer to the SECO Examination Guide.
S-ISF certificate and digital badge
Upon successful completion of a SECO Information Security Foundation certification exam, you will receive the S-ISF certification title and a digital badge. Your credentials will grant you a one-year SECO membership. After your certification expires, you will have the option to re-certify by paying a small fee.
For more information on the certification process, please refer to the SECO Certifications Guide.