Information Security Foundation course

Register nowBook as incompany

What will you learn?

  • 9A comprehensive first introduction to information security management;
  • 9The concept of threat and risk and its relationship to the reliability of information;
  • 9Fundamental security concepts and effective information security controls to protect that information;


  • 2 course days
  • 8 hours of self study
  • €1.395,- excluding VAT

Your trainers

Martin Goudzwaard
Information Secrity
Management Expert

About Martin

Martin is an independent entrepreneur at the interface of Information Security and Organizational Development. Under the motto: “People make the difference”, he specializes in improving the performance and effectiveness of teams and organizations.
Martin has broad experience as a people manager, trainer, advisor and talent developer within Defense and various government and commercial organizations.

Bart Baars
Translate privacy legislation into
business solutions

About Bart

Bart Baars is an experienced information security professional and privacy expert. Bart has a lot of experience in various sectors, such as government, finance, energy and telecom. His knowledge of privacy, security and business and his enthusiasm allow him to make an excellent mix between theoretical knowledge and examples from daily practice.

Henk-Jan van der Molen

About Henk-Jan

Henk-Jan has nearly 25 years of experience in both government and business, fulfilling positions in various fields: IT, consultancy, privacy, project management and Information security. Henk-Jan studied electrical engineering, supplemented with system development, project management and he is certified as CISSP and CISM. Henk-Jan was one of the first privacy officers in the Netherlands in 2002 and he has worked on the board of the NGFG to further professionalise this position. After that he was the point of contact for the security of the Digital Tachograph at the Human Environment and Transport Inspectorate.

About the  Information Security Foundation course

Information security demands something from all of us, regardless of job title. We can’t (only) depend on our cyber defenders and security products to keep us out of harm’s way. The information security chain is as strong at its weakest link. The vast amount of our employees, line managers and directors don’t have security top of mind by default and nor can we expect that from them without proper awareness and education.

This course has been designed to introduce you into the world of information security. You will learn its basic concepts and building blocks and how they relate to one another. You’ll familiarize yourself with ISO 27001, the most widely used information security standard. You’ll understand what focus areas need to be addressed to ensure appropriate protection against threats, and gain insight into commonly accepted information security controls.


This entry level course evaluates the very basics of information security, no prior knowledge is required to participate. Already familiar with the basics and looking for a practical training that evaluates the day to day activities of an information security officer? Maybe the Information Security Practitioner course would be a better choice for you. When in doubt, contact us.

Who should attend?

The Information Security Foundation course is ideal if you want to learn the basics of information security. In addition, the course is suitable for every employee within an organization who is active in the field of information management. This course is also suitable for entrepreneurs from small to medium-sized independent organizations for whom some basic knowledge of information security is necessary. Finally, this course is also suitable for the starting information security professional.

Classroom training or Online Live?

  • Classroom Training: You’re our guest and threated as such

When you take our Classroom Training you are our guest, and that’s how we’ll threat you! You’ll train in an inspiring training environment handpicked based on the highest quality standards. All trainings include a delicious lunch, when you register to your training you can indicate any dietary requirements that we should consider.

  • Online Live Training: Prepare, train and certify from the comfort of your home or work

For those of you preferring an online experience, we offer Online Live Training through the SECO – Institute Online Learning Platform based on BigBlueButton, a secure platform specifically designed for Online Training that requires collaboration and (hands on) exercises. Course materials are delivered via a designated Student Portal prior to your training. For the SECO – Institute trainings, the examination is also conducted online via a certified Proctor. Everything you need to prepare, train and certify from the comfort of your home or work.

* Our classroom trainings are delivered in Dutch or English, depending on the composition of the student group
* Our Online Live Trainings are delivered either in Dutch or in English. Make sure that you register for the right class!

The following is included:

  • The SECO-Institute course material
  • The online SECO Institute IT-Security Foundation exam
  • 1 year free SECO-Membership when you pass the exam
  • A delicious lunch

Course modules

Module 1: Code of Information Security ISO / IEC 27001/27002

  • What is a standard and what is the difference between a standard and a framework?
  • ISO / IEC 27001 and ISO / IEC 27002: 2013 in a nutshell
  • Continuous improvement Plan – Do – Check – Act
  • Implementation of the ISO / IEC 27001 and ISO / IEC 27002
  • Management objectives and control measures

Module 2: Information and security

  • Information and security: The concept, value, importance and dependence of information
  • The cornerstones of information security: availability, integrity and confidentiality
  • The influence of information security on operational processes, information architecture and information management
  • Different types of information and information systems

Module 3: Threats and Risks

  • The concept of threat and risk and its relationship to the reliability of information
  • Different types of risk analysis and risk assessment
  • Different types of threats and ways to deal with threats
  • Various types of damage
  • Different ways to deal with risks
  • Information security measures
  • Preventing risks and performing security procedures

Module 4: Approach and organization

  • Information security policy, organization of information security and the management of security incidents
  • What is a code of conduct?
  • Tasks and responsibilities in an organization

Module 5: Measures

  • The importance of physical, technical and organizational measures
  • Different types and categories of security procedures
  • The importance of access control
  • Identification, authentication and authorization
  • Business continuity management (BCM) aspects

Module 6: Laws and regulations

  • The most important laws and regulations in relation to information security
  • The importance of compliance
  • Different types of compliance

Practice Exam

The last day of training students will take a test exam, followed up with an evaluation and discussion.

About the Exam

The Information Security Foundation course is the first level of the SECO-Institute Information Security Certification Track and sets the stage for the Information Security Practitioner course. The exam is included in your training fee but governed and carried out by the SECO – Institute. Upon successful completion, you will receive the S-ISF certification title and a digital badge.

Exam information

  • Exam language: English
  • Type of exam: online exam (you must reserve this exam yourself)
  • Type of questions: 40 multiple choice questions
  • Exam time: 60 minutes

About the certificate

Information Security Foundation equips you with the knowledge and skills you need to lay the foundations of your security education and career. By passing the ISF certification exam and earning a SECO-Information Security Foundation (S-ISF) certificate, you demonstrate your ability to:

  • Adopt a holistic approach to information security;
  • Understand fundamental security and risk management concepts;
  • Understand quality improvement cycles and their importance for management systems;
  • Understand and apply the main objectives of information security (confidentiality, integrity and availability or ‘the CIA triad’);
  • Understand the importance and scope of influence of information security;
  • Understand the importance of effective information security governance;
  • Understand information security roles and responsibilities;
  • Describe common information security threats and identify effective preventive, detective, repressive and corrective countermeasures;
  • Describe best-practice physical, technical and organisational security measures;
  • Grasp the basics of information security incident management;
  • Understand the relationship between information security and business continuity management;
  • Understand legal and regulatory requirements relevant to information security.

What are the benefits of an S-ISF certificate?

In a world where information is key to any successful business, demonstrable information security awareness and knowledge can considerably improve your career prospects.

If you have a general IT background and you would like to transition to information security management, S-ISF is a sure way to set yourself on the path. The certification validates your ability to approach information security from an executive management point of view, and provides you with a sufficient basis for following more advanced security management trainings. Depending on your interests and background, S-ISF may be your first step towards a career as an information security manager, a cybersecurity consultant, or an information risk manager.

If you work with information in any other field, ISF is an excellent means to give yourself a competitive advantage over your fellow professionals and improve your career prospects. With cyberattacks and data breaches becoming more frequent, employers attach greater importance to their employees’ information security awareness. An ISF certificate demonstrates to potential employers that you have a responsible attitude to information security.

Practical Information

  • Course times: 9 am to approximately 4:30 pm. The coffee is ready at 8:30.
  • Lunch is included and consists of a buffet with, among other things, fresh sandwiches. Do you have allergies or dietary requirements? Please communicate this in time.
  • Training location:
    Quinten Matsijslei 25
    2018 Antwerp
  • By participating in a course or training you agree with our terms and conditions

Register now

Book as incompany or stay up to date