Level 3 Diploma in Certified Information Systems Security Professional (CISSP)

1. Introduction to Information Systems Security: Core concepts, objectives, and terminology of information security.

2. Information Security Governance and Compliance: Policies, standards, and regulatory drivers influencing security programs.

3. Risk Management Fundamentals: Identification, analysis, and treatment of information security risks.

4. Asset Security Principles: Classification, ownership, and protection of information assets.

5. Access Control Concepts: Authentication, authorisation, and identity management fundamentals.

6. Security Architecture and Design Basics: Secure system design principles and control frameworks.

7. Network Security Fundamentals: Basic network components, threats, and protective measures.

8. Security Operations Overview: Incident response concepts, monitoring, and operational security practices.

9. Business Continuity and Disaster Recovery Concepts: Resilience planning and recovery principles.

10. Ethics and Professional Responsibility in Cybersecurity: Ethical conduct and professional standards in information security.

• Establishes a strong foundation in information systems security concepts.

• Supports alignment with international cybersecurity and governance standards.

• Enhances employability in entry-level security and information assurance roles.

• Prepares learners for progression to higher-level cybersecurity qualifications.

• Strengthens organisational awareness of security risks and controls.

• Individuals seeking entry into information security or cybersecurity roles.

• Information technology professionals transitioning into security functions.

• Graduates preparing for advanced cybersecurity certifications and qualifications.

• Organisational staff requiring foundational awareness of information security principles.

• Assessment Type: Knowledge-based assessment

• Assessment Format: Multiple-choice examination

• Total Questions: 50

• Passing Score: 60 percent

• Duration: 90 minutes

• Certification: HiQual UK Level 3 Diploma in Certified Information Systems Security Professional upon successful completion

To deliver this Qualification, HiQual UK Approved ATPs must demonstrate the capability to deliver, assess, and internally quality assure qualifications in line with recognised regulatory principles and the expectations of the Regulated Qualifications Framework (RQF).

Approved centres must operate effective systems to ensure the validity, reliability, fairness, consistency, and security of assessment.

1. Centre Recognition and Legal Compliance

Centres must be formally recognised by HiQual UK prior to the delivery or assessment of any qualification. To maintain recognition, centres must: Be a legally constituted organisation operating in compliance with applicable legislation and regulatory requirements. Demonstrate effective governance, management oversight, and clear lines of accountability. Comply with all HiQual UK policies, procedures, and conditions of centre recognition. Notify HiQual UK promptly of any material changes that may affect delivery, assessment, or internal quality assurance arrangements.

2. Resources, Facilities, and Learning Environment

Centres must ensure that sufficient and appropriate resources are in place to support learning and assessment. This includes: Learning environments appropriate to the mode of delivery, including classrooms and, where applicable, specialist or practical facilities. Access to learning and assessment resources that enable learners to meet qualification outcomes. Secure systems for managing learner data, assessment records, and certification claims. Arrangements that support equality of access and reasonable adjustments for learners where required.

3. Staff Competence and Occupational Expertise

Centres must ensure that all staff involved in delivery, assessment, and internal quality assurance are competent and suitably qualified. Centres must: Appoint tutors with appropriate subject knowledge, teaching competence, and relevant occupational or professional experience. Ensure assessors are trained and competent in applying HiQual UK assessment requirements and standards. Appoint a qualified Internal Quality Assurer (IQA) responsible for monitoring assessment practice and decisions. Maintain records of staff qualifications, experience, training, and continuing professional development (CPD).

4. Assessment Practice and Internal Quality Assurance (IQA)

Centres must operate robust internal quality assurance systems to ensure assessment integrity. Centres must: Ensure assessment is valid, fit for purpose, and conducted in line with HiQual UK requirements. Implement effective IQA procedures to monitor assessor performance and confirm the consistency of assessment decisions. Maintain accurate, complete, and auditable records of learner registration, assessment evidence, and outcomes. Carry out regular internal reviews and standardisation activities to support continuous improvement.

5. Integrity, Risk Management, and Malpractice

Centres must take appropriate measures to protect the integrity of assessment. Centres must: Maintain policies and procedures for the prevention, identification, and management of malpractice and maladministration. Ensure secure handling, storage, and retention of assessment materials and learner evidence. Report any suspected or confirmed malpractice to HiQual UK in accordance with published procedures.

6. Health, Safety, Safeguarding, and Learner Protection

Centres must provide a safe, inclusive, and supportive learning environment. Centres must: Comply with applicable health and safety and safeguarding legislation. Conduct risk assessments for learning activities, particularly where practical or technical work is involved. Maintain procedures to safeguard learner welfare and wellbeing.

7. Learner Information, Support, and Fair Treatment

Centres must ensure learners are informed, supported, and treated fairly. Centres must: Provide clear and accurate information on programme requirements, assessment methods, and certification. Ensure learners receive timely and constructive feedback on assessment outcomes. Operate transparent complaints and appeals procedures aligned with HiQual UK requirements. Manage learner information securely in compliance with data protection legislation.