To give candidates a good, solid understanding to build on, the Certified Information Security Officer certification starts with the foundation module of the Information Security Management program.
EXIN Information Security Foundation is a relevant certification for all professionals who work with confidential information. It explains the concept, value, and importance of information security as well as the threats and risks.
For the second domain in this certification candidates can choose from 3 different EXIN modules related to security. Each of these foundation certifications will give the final certification an element of specialism - whether you choose Privacy & Data Protection, Business Continuity Management or Cyber & IT Security.
EXIN Privacy & Data Protection Foundation covers the main subjects related to the protection of personal data. Candidates benefit from a certification that is designed to impart all the required knowledge to help ensure compliancy to the General Data Protection Regulation.
EXIN Business Continuity Management Foundation enables professionals to identify potential threats to an organization and the impacts to business operations those threats, if realized, might cause. It provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities (Source: ISO 22301:2012).
The EXIN Cyber & IT Security Foundation certification builds IT professionals’ knowledge and understanding of the technical background surrounding digital security. It enables candidates to explain, understand and describe key concepts in Cyber and IT Security.
The last certification is the specialist level Information Security Management certification that includes practical assignments so that candidates get to experience what is asked of an ISO and to test their skills before putting them into practice in real-life situations.
Information is crucial for the continuity and proper functioning of both individual organizations and the economies they fuel; this information must be protected against access by unauthorized people, protected against accidental or malicious modification or destruction and must be available when it is needed. The module Information Security Management Professional based on ISO/IEC 27001 tests understanding of the organizational, physical and technical aspects of information security.