This course provides a comprehensive, in-depth review of accepted information and cybersecurity best practices, frameworks and standards within an organization, and their application, aligned to the eight domains of the CyBOK. Participants will learn through the application of practical exercises and case studies, how to interpret their information and cybersecurity business requirements.

Learning Outcomes

At the end of this course, participants will be able to:
  • Apply effective InfoSec frameworks to focus the tasks and work of a team.
  • Compile the benefits of ISMS standards such as ISO 27001, 27002, 27701, NIST 800-53, ITSG-33, and SOC 2.
  • Articulate the benefits of a business continuity management system standards such as ISO 22301.
  • Articulate a communication plan to illustrate the business value of InfoSec and an ISMS to senior manager or internal audience


12 hours


No content found

No content found


Alan McCafferty is a Senior Business Analyst with 25+ years of progressive experience working with public organizations, not-for-profits, start-ups, and multi-national corporations.  Educated in Canada, the USA and Europe in multiple disciplines including Engineering, Business, Risk Management, and Lean 6 Sigma, he is the author of more than 25 white papers and the recipient of the Canada Award for Excellence. During his career, Alan has led the delivery of multi-year $1 billion+, mission critical information technology projects.  As a Cyber Security SME, Alan was key in the developed of the University of Ottawa Professional Development Institute cyber security program and teaches several of the courses.  Alan has successfully completed IT, Security, Process, Threat Risk Assessments (TRA), Privacy Impact Assessments (PIA), health and safety projects for federal government departments, provincial healthcare organizations and national not-for-profit organizations.  As a senior consultant, he uses his Lean 6 Sigma skills, along with his risk and security experience to help organizations implement low waste, and effective lean processes in areas such as information security management systems, business continuity, department security plans, quality management systems, health, and safety management systems.


Mark Hearn is a seasoned Business Leader and technical Product Management executive, bringing technology and business together to solve market problems for over 25 years. Mark’s expertise in software security and anti-reverse engineering has helped industry leaders solve critical product security issues with innovation and minimized risk. As a product security evangelist, Mark has spoken at many industry conferences and engaged in panel discussions on the need to protect software products from attack. He is an expert on the business risks associated with reverse engineering and the critical impact that hacking could have for manufacturers, and for their customers. Mark has held executive roles in product management and strategic market development, developing expertise in both the business-critical and technical functions related to business strategy, use/abuse cases, technical requirements, competitive analysis, and security threat-risk analysis.

Prepare for Real World Challenges

Effective information and cybersecurity management systems are built on domain knowledge applied through accepted standards and frameworks. Standards are best-known practices that an organization can use to protect information, data, and networks. Frameworks provide the blueprint for assessing, managing, and reducing vulnerabilities.

This course provides a comprehensive, in-depth review of accepted industry standards and frameworks that form the common language of information and cybersecurity systems worldwide. It is structured to prepare you to address the real-world challenges you will face as an information and cybersecurity professional in a public or private sector organization.

By completing this course, you’ll have the fundamental knowledge you need to position yourself as a true professional in the application of effective systems and programs for any organization in today’s interconnected world. And you will have acquired another key learning component on the path to an Information and Cybersecurity Management Certificate.

“Besides great networking with experts, I gained a sound knowledge and understanding of cybersecurity frameworks, ISO standards, privacy applications, risk assessment and mitigation, insider threat, ISMS, NIST, SOC 2, and legal insights related to information technology and cybersecurity.”
-- Madhumita S., Ottawa, ON

Assess and Evaluate Options

By drawing on concepts, topical scenarios, and real-world examples, instructors demystify standards and frameworks so you can develop the knowledge, skills, and abilities needed to:

  • Assess and select information and cybersecurity frameworks for any organization
  • Evaluate and determine which ISO, NIST, SOC 2, or ITSG standard best meets the needs of an organization
  • Tailor a risk management and information security management system to align with a variety of regulations, such as the Privacy Act, the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA)

Trust an Unbiased Global View

This course is technology- and policy-agnostic. It is designed, structured, and delivered based on a blend of learning processes and real-world experiences. This ensures you get a truly unbiased world view of universally applicable information and cybersecurity principles and practices presented from a neutral, Canadian perspective.

Access a Continuum of Learning

By completing the Information and Cybersecurity Management Certificate program, you will have what you need to transition to additional learning in the field or bridge to other programs offered by PDI.

The Information and Cybersecurity Management Program is an integral part of a continuum of learning ecosystem in security, cybersecurity, and other disciplines offered by the University of Ottawa Professional Development Institute (uOttawa PDI). The knowledge, skills, and abilities you acquire through this program are complementary to other offerings in PDI’s security portfolio, including:

Financial Intelligence Specialist Program

National Security and Intelligence Advance Certificate

Coding for Veterans

Cyber Skills for Canadians

Subscribe to Our Cyber Newsletter

Explore Other Programs