ISO/IEC 27035 - Security Incident Management Lead Manager

ISO/IEC 27035 series addresses this imperative by providing comprehensive guidelines for establishing, implementing, maintaining, and continually improving information security incident management within organizations.

The ISO/IEC 27035 Lead Incident Manager training course equips participants with the knowledge and skills necessary to support organizations in establishing and implementing a process for managing information security incidents. This training course is based on the ISO/IEC 27035 series and other good practices of incident management and covers the entire incident lifecycle, from incident planning to post-incident activities. In addition, participants will also learn about the role of key stakeholders and the importance of working with other organizations to handle information security incidents.

This training course aligns with ISO/IEC 27001, ISO/IEC 27005, and other standards in the ISO/IEC 27000 series and provides practical guidance on information security.

Upon completing the course and its exam, participants can apply for the “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential, showcasing their proficiency in strategically and effectively managing and mitigating information security incidents.

‍

‍

Who should attend?

‍

This training course is intended for:

‍

Managers or consultants seeking to expand their knowledge of information security incident management

‍

Professionals seeking to establish and manage effective incident response teams (IRTs)

‍

IT professionals and information security risk managers seeking to enhance their knowledge in information security incident management

‍

Members of incident response teams

‍

Incident response coordinators or other roles with responsibilities for incident handling and response

‍

‍

Learning objectives

‍

By the end of this training course, you will be able to:

‍

Explain the fundamental principles of incident management

‍

Develop and implement effective incident response plans tailored to the organization’s needs and select an incident response team

‍

Conduct thorough risk assessments to identify potential threats and vulnerabilities within an organization

‍

Apply good practices from various international standards to enhance the efficiency and effectiveness of incident response efforts

‍

Conduct post-incident analysis and identify lessons learned

‍

‍

Educational approach

‍

This training course combines theoretical concepts with best practices for implementing an information security incident management process.

‍

The training course contains essay-type exercises and multiple-choice quizzes, some of which are scenario-based.

‍

The participants are encouraged to collaborate and engage in meaningful discussions with fellow learners while tackling quizzes and exercises.

‍

The quiz format closely mirrors that of the certification exam, ensuring participants are well-prepared for their exam.

‍

‍

Course Contents

‍

Day 1: Introduction to information security incident management concepts and ISO/IEC 27035

‍

Day 2: Designing and preparing an information security incident management plan

‍

Day 3: Detecting and reporting information security incidents

‍

Day 4: Monitoring and continual improvement of the information security incident management process

‍

Day 5: Certification exam