BCS Foundation Certificate in Information Security Management Principles  

Gain a clear understanding of IS management issues including risk management, security standards, legislation and business continuity.

Who is it for?

Anyone with an interest in information security, whether as a career or for general business knowledge.

Entry requirements

There are no formal entry requirements however, the candidate should have basic working IT knowledge and an awareness of the issues involved with the security control activities.

It's recommended that candidates read the BCS course approved reference book Information Security Management Principles, as well as attend training with a BCS accredited training course.

What will I learn?

Candidates should be able to demonstrate: 

  • Knowledge of the concepts relating to information security management. 
  • Understanding of current national legislation and regulations which impact upon information security management. 
  • Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
  • Understanding of the current business and common technical environments in which information security management must operate. 
  • Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics. 

The syllabus includes training objectives, details of modules and learning hours, plus a recommended reading list:

Download the v9.1 syllabus (PDF)
Download the v9.1 specimen paper and answer key (PDF)

Note: This version will be retired in April 2025.

Download our new v10 syllabus (PDF)
Download our new v10 specimen paper (PDF)

Not sure you are ready for the exam?

Find out more about our digital sample papers here

How do I get this qualification?

Training and exam (recommended)

Take this course with one of our accredited training providers.

How long will it take?

Classroom courses normally last three days.

Where can I study?

At a BCS accredited training provider near you.

How much does it cost?

Course prices vary depending on your chosen training provider and course format.

Find a provider

Exam only (self study)

Ideal if you’re self-motivated and already know something about Information Security.

How do I book an exam?

Call +44 (0)1793 417417 to book your exam.

How long will it take?

It usually takes a minimum of 40 hours to prepare for the exam.

How do I sit the exam?

If you're studying for this qualification without a training provider you can sit this exam directly with BCS.

How much does it cost?

UK price: £165

VAT and remote proctoring fees at £35.00 are not included and will be applied at the time of purchase.

Contact us on +44 (0)1793 417417

What format is the exam?

  • One hour ‘closed book’ with 40 multiple choice questions
  • Pass mark is 65% (26/40)

What's next?

Practitioner level certifications

If you work or are considering working in a cyber security / information assurance role, we also run a Certified Cyber Professional (CCP) Scheme.

This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualifications Wales, CCEA Regulation or SQA.