Information Security Foundation course

3 days, 4.5 hours a day

Fundamental understanding of information security and a comprehensive introduction to information security management 

Information Security Foundation (ISF) provides a comprehensive understanding of information security and risk management. Participants will learn about the importance of information security and how to integrate risk management into their organization’s plans and governance. The course covers strategies to mitigate human, organizational, and technological risks. By the end of the course, participants will be equipped to protect sensitive information, ensure compliance, and foster a security-conscious culture within their organization.

This Foundation training is the first level of SECO’s unique complete information security training & certification track. It readies you for the Practitioner level (Information Security Officer-level training with hands-on policy development, risk assessment, awareness planning, standard implementation and post-audit improvement planning exercises). The track culminates in an Expert – CISO training focused on strategic information security leadership.

Authors & Lead Trainers

Lies Alderlieste-de Wit
Author & Trainer

CISO at Stater

Chris Wauters
Author & Trainer

Security Transition Manager,
Agile & Security Leadership

Koen Maris
Advisory Board

Cyber Security Leader
at PwC Luxembourg

Michael Garceau

Senior Risk Manager,
Founder CipherQuest

Mario Procopio

Interim CISO &
Founder at Pro CISO®

At a Glance

Entry level

Information Security Foundation

3 days, 4.5 hours a day

Career starters and career switchers looking for an entry-level certification in information security. Anyone who wants or needs to learn the fundamentals of information security and information security management.

Gain a comprehensive introduction to information security and information security management.

Understand how to use ISO 27001 and ISO 27002, and gain insight into the topics covered.

Learn how to identify potential information security threats

Explore physical, technical and organisational control measures for protecting information.

Understand the fundamentals of information security risk management and risk assessment.

Understand information security roles and responsibilities within and outside the internal information security organisation.

Understand legal and regulatory requirements relevant to information security.

What’s included

  • Official SECO-Institute course materials
  • Training by passionate trainers with exceptional skills and industry experience
  • Access to a SECO member portal where we share additional resources and knowledge events
  • Practice exam
  • Exam voucher
  • Membership to SECO’s Alumni Network after passing the exam


Information and Security


  • What is information security?
  • The importance of information security for organizations and employees
  • The evolution of information security
  • The information security process in a continuously changing environment
  • Roles and responsibilities to manage information security


  • Elements and objectives of the risk management process
  • Standards, laws and regulations, social obligations
  • Relationship with other business plans
  • Data protection & privacy
  • How information risk management is governed
  • Information and enterprise-wide risk management processes
  • Qualitative and quantitative risk assessments
  • Risk assessments & threat modeling
  • Risk governance


  • What is information security awareness?
  • The boundaries of awareness programs


  • The information security framework
  • The use of standards and best practices


  • Asset management
  • Identity and access management
  • Data protection
  • Vulnerability management
  • Incident response
  • Security intelligence


  • Conclude with a practice exam

Collect your badge of honor


  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 40 multiple choice
  • Time: 60 minutes

Join our Alumni Network

Dates & locations

This program is conducted by our training partner, Security Academy Online.

Organize a class dedicated for your team