Information security leadership spans policy, architecture, operations, and risk. This course prepares participants to design and manage enterprise-wide security programmes aligned with industry frameworks. Through domain-based learning and practical discussions, they will strengthen their ability to govern, assess, and enforce organisational security.
Learning Outcomes:
Understand key domains of enterprise information security
Evaluate governance, risk, and compliance requirements
Design security architecture for confidentiality, integrity, and availability
Apply secure operations and identity management practices
Key Topics:
CISSP CBK domains and core principles
Risk management and governance frameworks
Cryptography, access control, and asset security
Certification preparation for Certified Information Systems Security Professional (CISSP)
FUNDING INFORMATION
SkillsFuture Singapore (SSG)
Funding is available on Course Fee. Please see below for the eligibility categories available.
| Self-sponsored | Singapore Citizen & PR aged ≥ 21 years | Up to 50% funding |
| Singapore Citizen aged ≥ 40 years | Up to 70% funding | |
| Company Sponsored (Non-SME) | Singapore Citizen & PR aged ≥ 21 years | Up to 50% funding |
| Singapore Citizen aged ≥ 40 years | Up to 70% funding | |
| Company Sponsored (SME) | Singapore Citizen & PR aged ≥ 21 years | Up to 70% funding |
| Singapore Citizen aged ≥ 40 years | Up to 70% funding |
SSG Funding Requirements
- Trainees must scan their attendance twice daily using the SingPass application.
- Trainees must attain at least 75% attendance.
- Trainees must pass the in-house assessment to be eligible for funding.
- Trainee and/or sponsoring company is/are required to meet all SSG-mandated eligibility criteria and requirements for funding. For more information, please refer to SkillsFuture homepage.
Appeal Policy and Procedure
- As a candidate in this course assessment, you may appeal your results if you disagree with them.
- To do so, submit your written appeal request via email to esv_comat_cse@stengg.com within 3 working days from date of assessment.
Cancellation, Postponement and Refund Policy
- Request for cancellation or postponement must be submitted in writing more than 4 weeks before the class start date to avoid any charges.
- Written notice for cancellation or postponement received 2 to 4 weeks before class start date will incur Late Cancellation Charge - 50% of course fee.
- Written notice for cancellation or postponement received less than 2 weeks before class start date will incur Late Cancellation Charge - 100% of course fee.
- If payment has been made and ST Engineering e-Services Pte Ltd accepts the trainee's written notification to cancel or withdraw from the course, ST Engineering e-Services Pte Ltd will issue a refund, less any applicable Late Cancellation Charges.
Feedback Policy and Procedure
- You may submit feedback via email to esv_comat_cse@stengg.com or your servicing Account Manager.
- Any formal feedback will be handled within 10 working days from receipt with a written reply given. An interim reply will be provided should more time be required.
Chapter 1 - Security Governance Through Principles and Policies
Chapter 2: Personnel Security and Risk Management Concepts
Chapter 3: Business Continuity Planning
Chapter 4: Laws, Regulations, and Compliance
Chapter 5: Protecting Security of Assets
Chapter 6: Cryptography and Symmetric Key Algorithms
Chapter 7: PKI and Cryptographic Applications
Chapter 8: Principles of Security Models, Design, and Capabilities
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
Chapter 10: Physical Security Requirements
Chapter 11: Secure Network Architecture and Securing Network Components
Chapter 12: Secure Communications and Network Attacks
Chapter 13: Managing Identity and Authentication
Chapter 14: Controlling and Monitoring Access
Chapter 15: Security Assessment and Testing
Chapter 16: Managing Security Operations
Chapter 17: Preventing and Responding to Incidents
Chapter 18: Disaster Recovery Planning
Chapter 19: Incidents and Ethics
Chapter 20: Software Development Security
Chapter 21: Malicious Code and Application Attacks
