Information Security Foundation

Information Security Foundation course

Live online instructor-led 18 and 19 June

About the course

nformation Security Foundation (ISF) provides you with a comprehensive introduction to information security management. The course covers a wide range of topics, from fundamental security concepts and terminology to effective information security controls.

During the course, you will familiarise yourself with ISO 27001, the most widely used information security standard that provides requirements for implementing and continually improving an information security management system (ISMS). You will understand what focus areas information security needs to address to ensure appropriate protection against information security threats. With the help of ISO 27001 and its supporting code of practice, ISO 27002, you will gain insight into commonly accepted information security controls. At the end of the course, you will communicate with confidence about information security topics. You will have a good understanding of information security risks, and you will be able to link them with best-practice physical, organisational and technical information security measures.

ISF gives you a solid grounding in information security management principles. The knowledge you build up in this course enables you to follow our Practitioner training and try your hand at complex implementation tasks, such as performing an information security risk assessment and designing an information security awareness program.

  • Learn how to use ISO 27001 and 27002 to build an information security management system (ISMS);
  • Get an in-depth overview of information security threats and controls with insights from real-world security experts;
  • Prepare for your certification assessment with a free sample exam.


This is an entry-level course. No previous knowledge or experience is required.

The course is suitable for absolute beginners with a basic knowledge of computers and technology. If you already have a good understanding of information security management principles and you are interested in practicing a Security Officer’s tasks, we advise you to register for the Practitioner level.

About the certificate

Core information security skills you will validate with your SECO-ISF (S-ISF) certificate

Information Security Foundation equips you with the knowledge and skills you need to lay the foundations of your security education and career.

By passing the ISF certification exam and earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate your ability to

  • Adopt a holistic approach to information security;
  • Understand fundamental security and risk management concepts;
  • Understand quality improvement cycles and their importance for management systems;
  • Understand and apply the main objectives of information security (confidentiality, integrity and availability or ‘the CIA triad’);
  • Understand the importance and scope of influence of information security;
  • Understand the importance of effective information security governance;
  • Understand information security roles and responsibilities;
  • Describe common information security threats and identify effective preventive, detective, repressive and corrective countermeasures;
  • Describe best-practice physical, technical and organisational security measures;
  • Grasp the basics of information security incident management;
  • Understand the relationship between information security and business continuity management;
  • Understand legal and regulatory requirements relevant to information security.

What are the benefits of an S-ISF certificate?

In a world where information is key to any successful business, demonstrable information security awareness and knowledge can considerably improve your career prospects.

If you have a general IT background and you would like to transition to information security management, S-ISF is a sure way to set yourself on the path. The certification validates your ability to approach information security from an executive management point of view, and provides you with a sufficient basis for following more advanced security management trainings. Depending on your interests and background, S-ISF may be your first step towards a career as an information security manager, a cybersecurity consultant, or an information risk manager.

If you work with information in any other field, ISF is an excellent means to give yourself a competitive advantage over your fellow professionals and improve your career prospects. With cyberattacks and data breaches becoming more frequent, employers attach greater importance to their employees’ information security awareness. An ISF certificate demonstrates to potential employers that you have a responsible attitude to information security.

Who should certify

S-ISF is intended for all those who have a general interest in protecting systems and networks against information security threats and raising security awareness across their organisation.

The course and the certificate are ideal for you, if

  • You are a system or network administrator, programmer or security analyst with ambitions to start a career in information security or cybersecurity management;
  • You would like to enhance your value to employers by demonstrating a high degree of security awareness;
  • You are a start-up founder or an SME owner, and you wish to remain competitive in a digital ecosystem.


  • Exam language: English
  • Type of exam: online exam (you must reserve this exam yourself)
  • Type of questions: 40 multiple choice questions
  • Exam time: 60 minutes

Course date, time and price

  • Course dates: 18 and 19 June
  • Course times:  10am – 5pm CEST
  • Virtual Online, including exam and courseware
  • Language: English
  • Price: 950 Euro, excluding VAT (region 1)

What is included?

  • Digital Courseware
  • One exam attempt
  • One year free membership of the (S)ECO-System professional community

Enrol for the course at 18 June