Summary
In this five-day intensive course participants develop the competence to master a model for implementing an incident management process throughout their organization using the ISO/IEC 27035 standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to manage information security incidents in time by being familiar with their life cycle. During this training, we will present the ISO/IEC 27035 information security incident management standard, a process model for designing and developing an organizational incident management process, and how companies may use the standard. This training is also fully compatible with ISO/IEC 27035 which supports ISO 27001 by providing guidance for incident management.
Who should attend?
- Incident managers
- Business Process Owners
- Information Security Risk Managers
- Regulatory Compliance Managers
- Members of Incident Response Team
- Persons responsible for information security or conformity within an organization
Learning objectives
- To understand the concepts, approaches, methods, tools and techniques allowing an effective information security incident management according to ISO/IEC 27035
- To understand, interpret and provide guidance on how to implement and manage incident management processes based on best practices of ISO/IEC 27035 and other relevant standards
- To acquire the competence to implement, maintain and manage an ongoing information security incident management program according to ISO/IEC 27035
- To acquire the competence to effectively advise organizations on the best practices in information security management
Course Agenda
Day 1: Introduction, incident management framework according to ISO/IEC 27035
- Concepts and definitions related to information security and incident management
- Incident management standards, and best practices
- Choosing an incident management framework
- Understanding an organization and its context
Day 2: Planning the implementation of an Organizational Incident Management Process based on ISO/IEC 27035
- Incident management strategy and project management
- Planning the implementation of an effective incident management process
- Preliminary analysis and selection of an approach and methodology
- Design and document an incident detection, reporting and management process
- Defining roles and responsibilities in the context of the implementation and management of an Incident Management Process
Day 3: Implementing an Incident Management Process
- Define the document and record management processes
- Incident Management policies & procedures
- Implementation of security processes and controls related to incident management
- Change management process
- Incident analysis processes
- Effective communication and the communication strategies
- Establish the Information Security Incident Response Team
Day 4: Monitoring, measuring and improving an Incident Management Process
- Monitoring and evaluating the effectiveness of incident management process in operations
- Development of metrics, performance indicators and dashboards
- Management reviews
- Implementation of a continual improvement program
- Develop and propose the best corrective and preventive action plans
Day 5: Certification Exam
Prerequisites
- Knowledge on Incident Management is preferred.
Educational approach
This training is based on both, theory and practice:
- Sessions of lectures illustrated with examples based on real cases
- Practical exercises
- Review exercises to assist the exam preparation
- Practice test similar to the certification exam
To benefit from the practical exercises, the number of training participants is limited
Examination and Certification
- The “PECB Certified ISO/IEC 27035 Lead Incident Manager” exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains:
- Domain 1: Fundamental principles and concepts in Incident Management
- Domain 2: Incident Management Best Practice based on ISO 27035
- Domain 3: Designing and Developing an Organisational Incident Management Process based on ISO 27035
- Domain 4: Preparing for Incident Management and implementing an Incident Management Process
- Domain 5: Enacting the Incident Management Process and handling Security Incidents
- Domain 6: Performance Monitoring and Measuring
- Domain 7: Improving the Incident Management Process
- The “PECB Certified ISO/IEC 27035 Lead Incident Manager” exam is available in different languages (the complete list of languages can be found in the examination application form)
- Duration: 3 hours
- For more information about the exam, refer to the PECB section on PECB Certified ISO/IEC 27035 Lead Incident Manager Exam
- After successfully completing the “PECB Certified ISO/IEC 27035 Lead Incident Manager” exam, participants can apply for the credentials of PECB Certified ISO/IEC 27035 Provisional Incident Manager
General information
- Exam and certification fees are included in the training price
- A student manual containing over 450 pages of information and practical examples will be distributed to the participants
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
- In case of failure of an exam, participants are allowed to retake the exam for free under certain conditions