The Practitioner Certificate in Information Risk Management (PCIRM) course is designed to provide foundation knowledge of the terminology and principles of information risk management. It is intended for individuals from information technologies or IT security backgrounds who are embarking on information risk management responsibilities or those who already fulfil information risk management roles who wish to formalise their accumulated experience. It is equally suitable for business managers who need to gain a formal insight into information risk management in support of wider business risk decision-making. The content of the course is aligned to international risk management standards. It thus provides a grounding in the requirements for fulfilment of increasingly mandatory corporate compliance obligations. The course leads to the PCIRM qualification regulated by the British Computer Society (BCS), which has become an industry-recognised credential for information risk managers.
This course will prepare IT and information management practitioners for a formal qualification in information risk management. It provides a grounding in information risk management principles that will assist both technical individuals and business managers to gain a deeper insight into information risk in support of broader business or infrastructure risk management.
The course consists of 6 modules:
Module 1 – Information Risk Management Concepts
Module 2 – Information Risk Management Frameworks
Module 3 – The Information Risk Management Process
Module 4 – Implementing Information Risk Management
Module 5 – Information Classification
Module 6 – Preparation for the PCIRM Examination and Mock Exam Assessment
At the end of each module the student can undertake an assessment to assess their understanding of the information provided in that module and to see if the objectives of the module have been met. Each topic also contains a quiz that enables a student to test their knowledge of the information covered in that topic. At the end of the course an online mock examination is provided that prepares the student for taking the official BCS PCIRM exam. the exam itself is sat on the last day of the course.
Basic knowledge of business or technical process management is expected. Basic conceptual knowledge of corporate ICT systems is expected. Some prior experience of general business risk management would be advantageous but is not essential.
Information Risk Management Concepts
Information risk management terminology
Risk management in the business context
Information risk management fundamentals
Information Risk Management Frameworks
Establishing an information risk management strategy
Setting internal risk management standards and criteria
The Information Risk Management Process
Setting the risk management scope
Threat and vulnerability assessment
Business Impact Analysis
Information risk management controls
Implementing Information Risk Management
Information risk management methodologies
Risk reporting and presentation
Preparation for the PCIRM Examination
Format, structure and scoring of the exam
Mock Examination, using the BCS sample paper
BCS Exam Details:
The concepts and framework of information risk management (5%)
Information risk management fundamentals (10%)
Establishing an information risk management programme (25%)
Risk Identification (25%)
Risk Assessment (20%)
Risk Treatment (5%)
Presenting risks and business case (5%)
Monitor and review (5%)
A three-hour scenario based written examination consisting of:
Section A – multiple-choice questions: Answer all of the 10 questions – each answer carries 1 mark.
Section B – short answer questions: Answer all of the 6 questions – each answer carries 5 marks.
Section C – essay questions: Answer all 3 questions – each answer carries 20 marks
If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.
Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.