ISO/IEC 27035 - Incident Manager


Summary

This three day intensive course enables participants to develop the necessary expertise and knowledge to support an organization in implementing and managing a Security Incident Management process based on ISO/IEC 27035. Participant will also be given a thorough grounding in best practices used to Implement Security Incident Management processes from all areas of ISO/IEC 27035.

 

Who should attend?

  • Incident Managers
  • Risk Managers of Information Security
  • Individuals in charge for information security within an organization
  • Security and Business Process consultants
  • Managers of Business Continuity
  • Project managers or consultants wanting to implement an Incident Management process
  • Technical experts wanting to prepare for an Incident Management audit function and so on.

 

Learning objectives

  • Understand the basic operations related to an Incident Management process
  • Explain the goal, content and correlation between ISO/IEC 27035 and other standards and regulatory frameworks
  • Explain the functioning of a security incident management and its core processes
  • Acquire the necessary knowledge of the implementation and maintenance of a security incident response process
  • Acquire the expertise to advise an organization on incident management best practices
  • Strengthen the personal qualities necessary to act with due professional care when managing security incidents

 

Course Agenda

Day 1: Introduction to ISO/IEC 27035 and overview of Security Incident Management

  • Course objectives and structure
  • Information security incident management
  • ISO 27035 core processes
  • Fundamental principles of information security
  • Linkage to business continuity

Day 2: Designing and preparing an Incident Management Process

  • Initiating a Security Incident Management Process
  • Understanding the organization and clarifying the objectives
  • Plan and prepare an Incident Management Process
  • Roles, functions, policies and procedures

Day 3: Enacting, monitoring and continuous improvement of the Incident Management process

  • First implementation steps
  • Implementing Detecting and Reporting
  • Implementing lessons learned
  • Further analysis
  • Analysis of lessons learned

 

Prerequisites

Knowledge on Security Incident Management is preferred

Educational approach

This training is based on both, theory and practice:

  • Practical exercises
  • Review exercises to assist the exam preparation
  • Exam preparation guides tests similar to the certification exam

Examination and Certification

  • The “PECB Certified ISO/IEC 27035 Incident Manager” exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts in incident management
    • Domain 2: Incident management best practice based on ISO/IEC 27035
    • Domain 3: Designing and developing an incident management process
    • Domain 4: Preparing for incident management and implementing an incident management process
    • Domain 5: Enacting the incident management process and handling Security incidents
    • Domain 6: Performance monitoring and measuring
    • Domain 7: Improving the incident management process

The “PECB Certified ISO/IEC 27035 Incident Manager” exam is available in different languages (the complete list of languages can be found in the examination application form)

  • Duration: 3 hours
  • After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27035 Incident Manager, depending on their level of experience
  • For more information about ISO/IEC 27035 certifications and PECB certification process, refer to the PECB section on ISO/IEC 27035 Lead Incident Manager

General information

  • Exam and certification fees are included in the training price
  • A student manual containing over 350 pages of information and practical examples will be distributed to the participants
  • A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to the participants
  • In case of failure of an exam, the participants are allowed to retake the exam for free under certain conditions