ISO/IEC 27035 LEAD INCIDENT MANAGER

Why should you attend?

ISO/IEC 27035 Lead Incident Manager training enables you to acquire the necessary expertise to support an organization in implementing an Information Security Incident Management plan based on ISO/IEC 27035. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO/IEC 27035 also supports the ISO/IEC 27001 by providing guidance for Information Security Incident Management.

After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and apply for a “Certified ISO/IEC 27035 Lead Incident Manager” credential. By holding a Lead Incident Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents.

Who should attend?

• Information Security Incident managers
• IT Managers
• IT Auditors
• Managers seeking to establish an Incident Response Team (IRT)
• Managers seeking to learn more about operating effective IRTs
• Information Security risk managers
• IT system administration professionals
• IT network administration professionals
• Members of Incident Response Teams
• Individuals responsible for Information Security within an organization

Learning objectives:

• Master the concepts, approaches, methods, tools, and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
• Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan
• Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management
• Understand the importance of establishing well-structured procedures and policies for Incident Management processes
• Develop the expertise to manage an effective Incident Response Team

Certification

After successfully completing the exam, you can apply for the “Certified ISO/IEC 27035 Lead Incident Manager” credential. You will receive a certificate once you comply with all the requirements related to the credential.

Course duration: 5 Days

Course Agenda:

1. Introduction to Information Security Incident Management concepts as recommended by ISO/IEC 27035
   • Course objectives and structure
   • Standards and regulatory frameworks
   • Information Security Incident Management
   • ISO/IEC 27035 core processes
   • Fundamental principles of Information Security
   • Linkage to business continuity
   • Legal and ethical issues
2. Designing and preparing an Information Security Incident Management plan
   • Initiating an Information Security Incident Management Process
   • Understanding the organization and clarifying the information security incident management objectives
   • Plan and prepare
   • Roles and functions
   • Policies and procedures
3. Enacting the Incident Management process and handling Information Security incidents
   • Communication planning
   • First implementation steps
   • Implementation of support items
   • Detecting and reporting
   • Assessment and decisions
   • Responses
   • Lessons learned
   • Transition to operations
4. Monitoring and continual improvement of the Information Security Incident Management plan
   • Further analysis
   • Analysis of lessons learned
   • Corrective actions
   • Competence and evaluation of incident managers
   • Closing the training

Examination: 3 Hours

The “Certified ISO/IEC 27035 Lead Incident Manager” exam fully meets the requirements of the Examination and Certification Programme (ECP).

The exam covers the following competency domains:

1. Domain 1 Fundamental principles and concepts of Information Security Incident Management
2. Domain 2 Information Security Incident Management best practices based on ISO/IEC 27035
3. Domain 3 Designing and developing an Organizational Incident Management process based on ISO/IEC 27035
4. Domain 4 Preparing for Information Security incidents and implementing an Incident Management Plan
5. Domain 5 Enacting the Incident Management Process and handling Information Security Incidents
6. Domain 6 Performance measurement and monitoring
7. Domain 7 Improving the Incident Management processes and activities