Information & Cyber Security Training

Our Information Security and Cyber Security Training Courses

As an organisation’s most important asset, it is vital that information is adequately protected by information security professionals who can assure its confidentiality, integrity and availability.

Understanding the level of control required and how to achieve the optimum balance between restriction and flexibility are critical to ensuring the business needs of an organisation are maintained.

Need For Skilled & Competent Practitioners

The importance of having skilled and competent practitioners within organisations has long been recognised by international standards and regulations. Take ISO 27001, the leading international information security management standard for example.

Under Clause 7.2 of the Standard, organisations are required to ‘determine the necessary competence of person(s) doing work under its control that affects its information security performance’ and ‘ensure that these persons are competent on the basis of appropriate education, training, or experience’.

Equally, organisations that are required to appoint a DPO (data protection officer) under the EU GDPR are required to appoint someone with an in-depth understanding of data protection law.

Key Role of Accredited Certificate Training Courses

The role of training courses and, specifically, accredited certificate training courses is pivotal in ensuring you have suitably qualified practitioners to ensure you remain compliant and follow best practice.

With a 17-year track record, URM is ideally placed to provide you with a range of training courses to help you better protect your organisation’s information from a range of threats, including cyber-attacks.

URM’s information security courses are split between professional certificate courses, where you are required to pass an end of course examination*, invigilated and administered by an independent third party and non-certificate introductory or implementation courses.

* Passing the end of course examination is an excellent demonstration of competence in your chosen subject.

Why Train With URM?

We believe that the key differentiator between URM and other training organisations is the calibre of our trainers. You will benefit from the fact that all URM’s trainers are practising consultants, each with extensive information security, data protection and risk management experience.

As such, they are able to translate best practice theory into ‘real world’ practical applications. URM’s trainers all adopt a facilitative approach, where the goal is to maximise knowledge and skills sharing across the whole group.

You can also be reassured by our track record. URM is by far the most experienced and successful training provider in the UK, having consistently achieved pass rates of over 95% for many courses, e.g. CISMP.

Furthermore, all of URM's certificate courses have been certified by at least one major certification body, e.g. BCS, Chartered Institute of Information Security (CIISec) or as part of the National Cyber Security Centre (NCSC) Certified Training Scheme

Professional Certification Courses

CISMP | BCS Certificate in Information Security Management Principles

By attending this 4 day course, you will gain an understanding of all of the key areas involved in information security management, including cyber security, risk management, legal framework, along with best-practice physical, people and technical security controls. 

All of the essential concepts and definitions are covered, as well as the need for and benefits of information security, including business continuity (high level).

C27 | Certificate in Implementing ISO 27001

This unique 3 day certificate course, delivered by URM’s practising consultants, is aimed at providing you with a comprehensive understanding and practical interpretation of the key steps involved in planning, implementing and maintaining an ISO 27001 compliant information security management system (ISMS).

Key topics include determining the scope of your ISMS, establishing leadership and commitment, developing a governance framework, undertaking a risk assessment, understanding the control groups within Annex A and ensuring continuous improvement.

The course has been independently validated and assessed as part of the National Cyber Security Centre (NCSC) Certified Training Scheme.

By the end of this course, you will be prepared to take and pass a multi-choice examination which has been developed by and administered by APMG International (Independent Certification Body for NCSC-approved cyber security training courses).

URM has a 14-year track record assisting nearly 200 organisations to achieve and maintain ISO 27001 certification and all our courses are led by our experienced and practising ISO 27001 consultants.

As such, you can be assured that you will receive pragmatic and invaluable instruction on implementing ISO 27001 in the real world. Delivered as both a public schedule and closed, on-site course.
Full course outline

Non-certificate Courses

ISO 27001 Auditing Course

This 2 day course, delivered by URM’s practising information security auditors is aimed at individuals who are responsible for acting as internal auditors for organisations that are planning to, or are already complying or certifying to ISO  27001:2013 (ISO 27001), the International Standard for Information Security Management.

The objective of the course is to provide you with clear and practical guidance on how to audit an ISO 27001 compliant or certified information security management system (ISMS).

By the end of the 2 days, you will be able to document your skills in undertaking audits, identifying nonconformities and assessing opportunities for improvement.

Delivered as both a public schedule and closed, on-site course.

1 Day Introduction to Information and Cyber Security

This 1 day introductory course provides you with essential guidance on how your organisation can most effectively improve its information security.

Based on best practice principles (as defined by ISO 27001 the International Standard for Information Security Management and ISO 27002, the Code of Practice) this course provides you with an introduction to developing, implementing and measuring effective information security.

Course contents and exercises are tailored to your organisation and industry sector.

Delivered as a closed, on-site course.

1 Day Understanding and Interpreting PCI DSS Requirements Course

This 1-day course is aimed at providing you with an understanding and insight into the requirements of Payment Card Industry Data Security Standard (PCI DSS) V3.2 and exactly how it applies to your organisation.

The course addresses what is involved in a PCI DSS assessment and focuses on the interpretation of the Standard’s 12 control requirements and sub-requirements. The objective of the course is to provide you with clear and practical guidance on how to apply the requirements within your organisation.

By the end of the day, you will be able to describe what PCI DSS is and how it applies to your organisation, which of the self-assessment questionnaires or assessments you need to complete and what is involved in the assessment process.

You will also gain an understanding of some of the related PCI standards. All courses are led by our experienced PCI consultants and qualified security assessors (QSAs).

Delivered as a closed, on-site course.
Full course outline


Our Training Courses

About URM

URM is dedicated to providing high quality, cost-effective and tailored consultancy and training in the areas of information security, data protection, business continuity and risk management.

Our office is open 08:00 – 17:30 Monday to Friday.

Phone : +44 (0)118 206 5410

Follow us on