BCS Certificate in Information Security Management Principles (CISMP)

What is the CISMP?

URM’s BCS Certificate in Information Security Management Principles (CISMP) training course will provide you with the skills and knowledge to manage information and cyber security and address the ever-evolving threats and changes in working practices, e.g. remote working.

URM’s CISMP course has been updated to reflect changes made to the BCS syllabus in 2020.

What Will You Learn by Attending URM’s CISMP Course?

  • Key concepts and terminology such as confidentiality, integrity, availability (CIA), risk management, along with the need for and benefits of information security.

  • Relevant current legislation and regulations which impact upon information security management.

  • Relevant national and international standards (e.g. ISO 27001) and frameworks which facilitate information security management.

  • Implementing information security and risk management in your organisation.

  • Categorisation, operation and effectiveness of controls of different types (e.g. physical, people, technical).

The course fully prepares you to take and pass the BCS administered, remote proctored, 2-hour exam.

The exam consists of 100 multi-choice questions with the pass mark being set at 65.


CISMP – Frequently Asked Questions Answered

Who Should Attend the CISMP?

The course is ideally suited to any business professional whose role involves, or will involve, managing and protecting sensitive information, e.g. personal, financial, organisational.

This course provides you with a broad understanding of all aspects of information security and provides the ideal platform for launching and developing a career in information security.

The certificate, which can be attained by passing a multi-choice examination, will demonstrate that you have a strong understanding of what good practice information security comprises.

What are the Prerequisites for Attending the CISMP?

BCS recommends some prerequisites in terms of working knowledge of IT and an understanding of the general principles of information technology and security.

What is the Format of URM’s CISMP Course?

URM delivers the CISMP course both as a public scheduled course and as a ‘closed’ training course for specific organisations. Our public scheduled courses are delivered either as face-to-face classroom courses or as on-line, instructor-led courses.

URM’s CISMP course leans heavily on discussions, exercises and real-life scenarios which are designed to help interpret some of the more challenging concepts and help you apply them back in your work environment.

Delegates are also provided with a hard copy of the BCS Information Security Management Principles book as a revision/review tool.

This dynamic and interactive course is also designed to encourage debate and the sharing of knowledge and experience.

Exercises are provided throughout the training, as well as mock exams each day to ensure you are well prepared to take and pass the BCS administered exam.

On-line Instructor-led Training

URM’s on-line, instructor-led CISMP course is delivered across 6 mornings (9 am - approx 12:45).

URM has opted to deliver the course across mornings only, as it is an intense course and full days via MS Teams can be challenging for delegates.

This also enables you to review material or return to work in the afternoon.

You will also be given some homework (e.g. a mock exam, a review of topics covered that morning, additional reading or an exercise) and will have the opportunity to review homework and mock questions, and raise any questions, the following morning.

Classroom Training

If you attend CISMP public schedule courses, these are typically residential and held at purpose-designed training venues.

The training is across 4 days and typically runs from 9 am to 5 pm, although you will have numerous opportunities to raise queries with URM’s trainer outside of these hours.

You may wish to use the evenings to review some of the comprehensive courseware notes and practise answering mock exam papers.

Why Train With URM?

  • Our trainers. All are practising consultants with extensive information security and risk management experience.
  • Practical application. We translate best practice theory into ‘real world’ practical applications and examples.
  • Our facilitative approach. URM’s goal is to maximise knowledge and skills sharing across the whole group.
  • Our track record. URM is by far the most experienced and successful training provider in the UK, having delivered the course for over 15 years and having consistently achieved a pass rate of 98% and above.
  • 3rd party validation. URM's BCS CISMP course is certified in the NCSC Certified Training scheme.

What Changes Were Made by BCS in 2020?

The BCS CISMP syllabus was first developed at the turn of the millennium and has been regularly updated and refreshed since then, with the last update (v9.0) taking place in September 2020.

The majority of the syllabus remained unaltered from the 2017 version; however, a new section was added to cover the security lifecycle from both an information and a design process perspective.

The new section also addresses risks to security brought about by systems development and support. BCS has also used the syllabus refresh to place more emphasis on cyber security, the security framework (e.g. implementation of information security) and to reflect current working practices.

How Long is a CISMP Training Course?

BCS recommends that CISMP classroom training should contain a minimum of 18 hours of tuition spread over a minimum of 3 days.

URM, taking feedback from its delegates, has chosen to deliver its CISMP course as either 24 hours of classroom tuition over 4 days or on-line tuition over 6 mornings.

We strongly believe that the longer duration of training is necessary to provide more time for classroom discussion, sharing of experiences and explanation of how the processes and techniques behind the principles can be applied in the workplace.

URM has developed a reputation over 15 years for developing and delivering training courses which focus on practical implementation, rather than merely addressing the theory.

With our CISMP course, whatever your background, you will have the opportunity to understand all the key fundamentals of information security and be able to apply the principles in your organisation.

Here are a number of comments from delegates who have sat URM’s CISMP course:

I am very pleased. The course is brilliantly designed (especially for someone like me with little technical knowledge) and was very well delivered.


The trainer was extremely knowledgeable and explained things very well, particularly the more technical stuff which can be hard to keep up with when it's brand new to you.


I enjoyed the course and thought the trainer was great!


Contact us

For further information on URM's training portfolio, or for course availability, please
- phone 0118 206 5410
- email our training manager
- use our online request form.

About URM

URM is dedicated to providing high quality, cost-effective and tailored consultancy and training in the areas of information security, data protection, business continuity and risk management.
