Course Brief

This unit introduces students to the basic principles of an ISMS and how businesses use them to effectively manage the ongoing protection of sensitive information they hold. There are many reasons for establishing an ISMS for an organisation, but one of the main goals is to enable the organisation to manage information security as a single entity which can be monitored and continually improved upon.

This unit considers information security management in a business context and will allow students to understand how modern organisations manage the ongoing threats to their sensitive assets.


  • This course is offered in 50 contact hours.

Upon successful completion of this unit, learners will be able to:

  • Explore the basic principles of information security management.
  • Critically assess how an organisation can implement and maintain an Information Security Management System (ISMS).
  • Appraise an ISMS and describe any weaknesses it may contain.
  • Examine the strengths and weaknesses of implementing ISMS standards.