This one day 'Introduction to Accreditation' course is intended to provide delegates with the knowledge needed to understand the principles of accreditation and how an effective accreditation process can be implemented within an organisation. The course concentrates on generic accreditation requirements needed to deliver effective risk management and is not aimed at specific accreditation methodologies in any one government organization.
The course is related to the 'Foundations of Information Assurance for HMG' course and the 'Information Assurance Risk Management for HMG' course also provided by QA. This courses contributes to the attainment of the CESG Certified Professional Scheme (CCPS) and the following specific CCP roles at the Practitioner level.
The course is not designed to teach the foundations of Information Assurance or how to accredit specific systems or scenarios, although there are some real life examples provided with the opportunity to discuss other situations.
This is a one day course aimed at those wishing to gain an understanding of accreditation as part of an effective risk management function. The course will be useful for newly appointed Accreditors, for project managers delivering capabilities involving sensitive HMG data and risk managers seeking to gain further insights into the process.
Support for CESG Certified Professional
This course contribute to the attainment of the CESG Certified Professional Scheme (CCPS) and the following specific CCP roles at the Practitioner level:
Security and Information Risk Advisor, IA Auditor, Accreditor, IT Security Officer, Security Architect and Penetration Tester.
The course supports CCP Level 1: Awareness (understands the skill and its application). It provides skills against the following competencies used in the CCP assessment process:
A1: Governance, A2: Policy and Standards, B1: Risk Assessment, B2: Risk Management, D1: IA Methodologies, G1: Audit and Review.
IISP Skills Alignment
This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.
Continuous Professional Development (CPD)
CPD points can be claimed for GCT accredited courses at the rate of 1 point per hour of training for GCHQ accredited courses (up to a maximum of 15 points).
At the end of this course you will be able to:
Module 1 – Understanding Accreditation
The objective is to provide the delegates with an understanding of what accreditation is and what it is not. It will cover what is expected from the accreditation process and why it can be a crucial element of risk management within an organisation.
Module 2 – Understanding Risk
The objective of this session is to ensure that the delegates have a common understanding of the risk management process covered in detail on the Information Assurance Risk Management course.
Module 3 – Delivering Accreditation
The objective of this session is to provide delegates with an understanding of how the accreditation process can align with the project delivering process and the benefits of introducing assurance checks during the project lifecycle.
Module 4 – Accreditation Tips
The objective of this session is to introduce different techniques that have proved useful in delivering accreditation. Delegates will learn about setting accreditation boundaries and defining data flows to help determine vulnerable points in an architecture. The session also includes tips on making the most of internal processes and procedures and how to be an effective accreditor.