Overview:

The ISO/IEC 27034 provides a systematic approach that guides organizations to implement security concepts, principles, and processes in the application security structure. Application security is an international concept that supports the information security framework and guides an organization towards achieving a solid information security structure within its operations.

The ISO/IEC 27034 Application Security provides clear and comprehensive guidelines on designing, specifying, developing, implementing, testing and maintaining security controls and functions in application systems. The ISO/IEC 27034 delivers a process approach for organizations in integrating security measures and establishing a protective structure into the processes used to manage their applications. ISO/IEC 27034 applies to different business industries and it contributes to the security features of information technology, data, stakeholder’s actions, and ongoing development of application systems in an organization.   

ISO/IEC 27034 Lead Implementer training enables you to develop the necessary expertise to support an organization in establishing, implementing and managing Application Security (AS) based on ISO/IEC 27034. During this training course, you will also gain a thorough understanding of the best practices of Application Security techniques and be able to identify and avoid common application vulnerabilities.

After mastering all the necessary concepts of Application Security (AS) techniques, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27034 Lead Implementer” credential. By holding a PECB Lead Implementer Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to implement Application Security techniques in an organization.

Duration:  05 days

Objectives:

• Acknowledge the correlation between ISO/IEC 27034 and other standards and regulatory frameworks
• Master the concepts, principles, approaches, processes and techniques used for the implementation and effective maintenance of Application Security
• Learn how to interpret the ISO/IEC 27034 guidelines within the specific context of an organization
• Learn how to support an organization to effectively plan, implement, and manage Application Security
• Acquire the expertise to advise an organization in implementing Application Security best practices

Intended Audience: 

• Managers or consultants involved in Application Security (AS)
• Expert advisors seeking to master the implementation of Application Security techniques
• Individuals responsible for maintaining conformance with organization`s Application Security requirements
• Application developers
• Application Security analysts
• Expert advisors involved in Application Security (AS) operations

Prerequisites

A fundamental understanding of ISO/IEC 27034 and comprehensive knowledge of implementation principles.

Course outlines:

1. Day 1: Introduction to Application Security techniques
2. Day 2: Plan the implementation of AS techniques based on ISO/IEC 27034 (project level)
3. Day 3: Implementation of AS techniques based on ISO/IEC 27034 (organization level)
4. Day 4: AS validation and certification, protocols and ASC data structure based on ISO/IEC 27034
5. Day 5: Certification Exam