BCS Course

course overview

Click to View dates & book now


The Practitioner Certificate in Information Risk Management (PCIRM) course is designed to provide foundation knowledge of the terminology and principles of information risk management. It is intended for individuals from information technologies or IT security backgrounds who are embarking on information risk management responsibilities or those who already fulfil information risk management roles who wish to formalise their accumulated experience. It is equally suitable for business managers who need to gain a formal insight into information risk management in support of wider business risk decision-making. The content of the course is aligned to international risk management standards. It thus provides a grounding in the requirements for fulfilment of increasingly mandatory corporate compliance obligations. The course leads to the PCIRM qualification regulated by the British Computer Society (BCS), which has become an industry-recognised credential for information risk managers.

Skills Gained

This course will prepare IT and information management practitioners for a formal qualification in information risk management. It provides a grounding in information risk management principles that will assist both technical individuals and business managers to gain a deeper insight into information risk in support of broader business or infrastructure risk management.

Course Contents

The course consists of 6 modules:

Module 1 – Information Risk Management Concepts

Module 2 – Information Risk Management Frameworks

Module 3 – The Information Risk Management Process

Module 4 – Implementing Information Risk Management

Module 5 – Information Classification

Module 6 – Preparation for the PCIRM Examination and Mock Exam Assessment

At the end of each module the student can undertake an assessment to assess their understanding of the information provided in that module and to see if the objectives of the module have been met. Each topic also contains a quiz that enables a student to test their knowledge of the information covered in that topic. At the end of the course an online mock examination is provided that prepares the student for taking the official BCS PCIRM exam. the exam itself is sat on the last day of the course.


Basic knowledge of business or technical process management is expected. Basic conceptual knowledge of corporate ICT systems is expected. Some prior experience of general business risk management would be advantageous but is not essential.


Module 1:

  • Information Risk Management Concepts
  • Information risk management terminology
  • Risk management in the business context
  • Information risk management fundamentals

Module 2:

  • Information Risk Management Frameworks
  • Establishing an information risk management strategy
  • Setting internal risk management standards and criteria

Module 3:

  • The Information Risk Management Process
  • Setting the risk management scope
  • Threat and vulnerability assessment
  • Business Impact Analysis
  • Risk determination
  • Information risk management controls
  • Classification principles

Module 4:

  • Implementing Information Risk Management
  • Information risk management methodologies
  • Risk reporting and presentation
  • Business cases
  • Risk treatment
  • Risk monitoring

Module 5:

  • Preparation for the PCIRM Examination
  • Format, structure and scoring of the exam
  • Mock Examination, using the BCS sample paper

BCS Exam Details:

  • The concepts and framework of information risk management (5%)
  • Information risk management fundamentals (10%)
  • Establishing an information risk management programme (25%)
  • Risk Identification (25%)
  • Risk Assessment (20%)
  • Risk Treatment (5%)
  • Presenting risks and business case (5%)
  • Monitor and review (5%)

A three-hour scenario based written examination consisting of:

  • Section A – multiple-choice questions: Answer all of the 10 questions – each answer carries 1 mark.
  • Section B – short answer questions: Answer all of the 6 questions – each answer carries 5 marks.
  • Section C – essay questions: Answer all 3 questions – each answer carries 20 marks

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.