Master the Information Security Incident Management based on ISO 27035:2011.

This four-day intensive course enables participants to acquire the necessary expertise to support an organization in implementing an Information Security Incident Management plan based on ISO 27035:2011.

During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO 27035 also supports the ISO 27001 by providing guidance for Information Security Incident Management.

For more information, please visit PECB.

  • Information Security Incident managers;
  • IT Managers;
  • IT Auditors;
  • Managers seeking to establish an Incident Response Team (IRT);
  • Managers seeking to learn more about operating effective IRTs;
  • Information Security risk managers;
  • IT system administration professionals;
  • IT network administration professionals;
  • Members of Incident Response Teams;
  • Individuals responsible for Information Security within an organization.
  • Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO 27035;
  • Acknowledge the correlation between ISO 27035 and other standards and regulatory frameworks;
  • Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan;
  • Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management;
  • Understand the importance of establishing well-structured procedures and policies for Incident Management processes;
  • Develop the expertise to manage an effective Incident Response Team.

Day 1: Introduction to Information Security Incident Management concepts as recommended by ISO 27035:

  • Course objectives and structure
  • Standards and regulatory frameworks
  • Information Security Incident Management
  • ISO 27035 core processes
  • Fundamental principles of Information Security
  • Linkage to business continuity
  • Legal and ethical issues

Day 2: Designing and preparing an Information Security Incident Management plan:

  • Initiating an Information Security Incident Management Process
  • Understanding the organization and clarifying the information security incident management objectives
  • Plan and prepare
  • Roles and functions
  • Policies and procedures

Day 3: Enacting the Incident Management process and handling Information Security incidents:

  • Communication planning
  • First implementation steps
  • Implementation of support items
  • Detecting and reporting
  • Assessment and decisions
  • Responses
  • Lessons learned
  • Transition to operations

Day 4: Monitoring and continual improvement of the Information Security Incident Management plan:

  • Further analysis
  • Analysis of lessons learned
  • Corrective actions
  • Competence and evaluation of incident managers
  • Closing the training

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases;
  • Practical exercises based on a full case study including role playing and oral presentations;
  • Review exercises to assist the exam preparation;
  • Practice test similar to the certification exam.

To benefit from the practical exercises, the number of training participants is limited.

  • The “PECB Certified ISO 27035 Lead Incident Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Fundamental principles and concepts of Information Security Incident Management
    • Domain 2: Information Security Incident Management best practices based on ISO/IEC 27035
    • Domain 3: Designing and developing an Organizational Incident Management process based on ISO/IEC 27035
    • Domain 4: Preparing for Information Security incidents and implementing an Incident Management Plan
    • Domain 5: Enacting the Incident Management Process and handling Information Security Incidents
    • Domain 6: Performance measurement and monitoring
    • Domain 7: Improving the Incident Management processes and activities
  • The “PECB Certified ISO 27035 Lead Incident Manager” exam is available in different languages (trainers are fluent in English, French & Spanish);
  • The exam is available online, please refer to PECB Exams User Manual;
  • Duration: 3 hours
  • For more information about PECB Certified ISO 27035 exam and certification, refer to ISO 27035 Lead Incident Manager Exam & Certification.

Testimonials about the trainer

The Next 3 Courses