ISO/IEC 27035 Lead Incident Manager

Day 1: Introduction to Information Security Incident Management concepts as recommended by ISO/IEC 27035

• Course objectives and structure
• Standards and regulatory frameworks
• Information Security Incident Management
• ISO/IEC 27035 core processes
• Fundamental principles of Information Security
• Linkage to business continuity
• Legal and ethical issues

Day 2: Designing and preparing an Information Security Incident Management plan

• Initiating an Information Security Incident Management Process
• Understanding the organisation and clarifying the information security incident management objectives
• Plan and prepare
• Roles and functions
• Policies and procedures

Day 3: Enacting the Incident Management process and handling Information Security incidents

• Communication planning
• First implementation steps
• Implementation of support items
• Detecting and reporting
• Assessment and decisions
• Responses
• Lessons learned
• Transition to operations

Day 4: Monitoring and continual improvement of the Information Security Incident

• Management plan
• Further analysis
• Analysis of lessons learned
• Corrective actions
• Competence and evaluation of incident managers
• Closing the training

Day 5 Certification Exam (3-hours)

• Domain 1: Fundamental principles and concepts of Information Security Incident Management
• Domain 2: Information Security Incident Management best practices based on ISO/IEC 27035
• Domain 3: Designing and developing an Organisational Incident Management process based on ISO/IEC 27035
• Domain 4: Preparing for Information Security incidents and implementing an Incident Management Plan
• Domain 5: Enacting the Incident Management Process and handling Information Security Incidents
• Domain 6: Performance measurement and monitoring
• Domain 7: Improving the Incident Management processes and activities

• Training material containing over 450 pages of information and practical examples will be distributed
• In case of exam failure, you can retake the exam within 12 months for free

Learning Objectives

• Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
• Acquire the expertise to support an organisation to effectively implement, manage and maintain an Information Security Incident Response plan
• Acquire the competence to effectively advise organisations on the best practices of Information Security Incident Management
• Understand the importance of establishing well-structured procedures and policies for Incident Management processes
• Develop the expertise to manage an effective Incident Response Team

A fundamental understanding of ISO/IEC 27035 and comprehensive knowledge of Information Security.