Available dates

This course has no confirmed dates in the future. Subscribe to be notified when it is offered.

About the course

About the program

In today’s fast evolving society, companies and institutions have become highly dependent on information-processing systems and, by extension, on waterproof security systems. As a result, the role of a security officer (CISO, DPO, …) has changed significantly over the past few years. To meet present-day stringent cybersecurity requirements, the security officer must be well aware of the organization’s mission and vision, have insight into its security IT architecture and be capable of encouraging the conscious use of information within the organization.

The Master Class Information Security Management – a collaborative effort of Antwerp Management School, TIAS School for Business and Society and EuroCIO – offers the required up-to-date knowledge for information security professionals to excel in the governance and management of their IT security responsibilities. The program has a managerial focus.

  • Learn how to develop and implement information security & risk management strategies and policies, tailored to the specific needs of the organization;
  • Become the information security intermediary between management, IT department and operational units within the organization;
  • Join a program of two leading business schools and EuroCIO. The program is compliant with the EU e-Competence framework (e-CF), the EU e-Leadership program and is endorsed by the European CIO Association (EuroCIO).

Learning objectives

After attending this program, participants have further developed their professional skills:

  • Information Security Management: develop, implement and manage information security & risk management strategies and policies tailored to the specific needs of the organization;
  • Information Security Architecture: develop information security and risk management processes, embedding them in related corporate processes in order to guarantee good corporate governance;
  • Information Security Awareness: raise organization-wide cyber security awareness in terms of information vulnerability and decide on information security measures that need to be taken;
  • Information Security Coordination: constructive collaboration with technical information security experts in order to harmonize policies, operational activities and IT security aspects;
  • Information Security Leadership: take the necessary security measures (organization and procedure based), adjust and improve them taking into account all legal, business and human related aspects.


Module 1: Understanding the strategic context (Tilburg) This module discusses the broader organizational context of information security and provides a pragmatic approach to align the information security strategy to the organization’s strategic goals. Related governance, legal and compliancy aspects will be covered as well as the economics of information security.

  • Enterprise Risk Management – Risk Standards (ISO);
  • Impact analysis;
  • Economics of information security – The Security Balanced Scorecard.

Module 2: Translating the information security strategy into action (Antwerp) In this module participants will learn how to develop a professional information security management system for their organization. It includes identifying all the relevant information risks, achieving management approval to launch the security initiative and monitoring it through a project based approach. You will learn how to build and execute a short, mid and long term information security program.

  • How to develop and promote Security Awareness;
  • Information Security Governance: organization, management, responsibilities, reporting;
  • Program Development and Management;
  • Incident Management and Response.

Module 3: Maintaining operational aspects of information security management (Antwerp) This module addresses all operational matters related to information security management, including questions such as how to keep information security on the executive agenda and how to control information security within the predefined requirements and agreements. In addition, this module explores new security management challenges caused by new technological developments (e.g. blockchain) and legal regulations (e.g. GDPR).

  • Cybersecurity and Infrastructure;
  • IT-security frameworks;
  • NIST IT-security;
  • Technical Risk Assessment;
  • IT-continuity management;
  • Disaster recovery;
  • Disaster recovery.How to organize yourself during a breach: Crisis Game.

Who should attend

This master class is designed for business and IT professionals who operate at management level or have management level aspirations.

Positions held by participants include those of IT consultant, IT auditor, business analyst, service delivery manager, IT manager, (chief) information security officer (CISO), data protection officer (DPO), security manager, governance, risk and compliance (GRC) officer.

Participants are active in various types of organizations such as consulting and auditing firms, IT service providers, manufacturing, healthcare and governmental organizations.

People who took this course work for

IBM, Deloitte, ING, ABB, BASF...

Trust the experts

Piet Ribbers

Piet Ribbers is an Emeritus Professor of Information Management at Tilburg University, the Netherlands, where he was subsequently the Dean of the School of Economics and the Head of Department of Information Systems and Management. He is a member of the editorial board of Information and Manageme...


Steven De Haes

Function Academic Director Executive Master of Enterprise IT Architecture Academic Director Executive Master of IT Governance and Assurance Academic Director full-time Master in Management Expertise Digital Strategies IT Governance & Management IT Strategy and Alignment IT Value & P...


Marc Vael

I am passionate about what I do. It is why I get out of bed every day. I bring +25 years of innovative knowledge and solutions to boards, audit committees and executives to manage IT risks, information security / data protection and to execute IT audits. My core competencies: expertise, exper...


Eddy Vaassen

Eddy Vaassen is Professor of Accountancy at Tilburg University and a Scientific Advisor at BDO. Further he is affiliated to Erasmus University Rotterdam, a member of the CEA (Commissie Eindtermen Accountantsopleiding), and the Vice-President Europe/Africa/Mid East of the Special Interest Group fo...


Ad Krikke

Corporate ICT Security Officer Expertisegebieden: Accounting & Control (Auditing, Internal Control, Management ), Business & Society (Corporate Governance, Corporate Social Responsibility), Management & Organisation (Business Administration, Business Ethics, Information Management, IT...


John Borking

Dr. J (John) J. F.M Borking, (*1945), Director/owner of Borking Consultancy in Wassenaar, Netherlands, Of Counsel and external advisor on Privacy-by-Design for the Law & Tax firm CMS, is the former Privacy Commissioner and Board Member of the Dutch Data Protection Authority (CBP) and Board me...


Course reviews

Downloadable materials

Available dates

This course has no confirmed dates in the future. Subscribe to be notified when it is offered.