Overview:

In today’s business world, information security incidents are considered to be uncertain risks which can seriously damage a business. Thus, organizations must take actions to promptly identify, evaluate and effectively manage the incidents. The ISO/IEC 27035 Information Security Incident Management is an international standard that provides best practices and guidelines for conducting a strategic incident management plan and preparing for an incident response.

The ISO/IEC 27035 Information Security Incident Management delivers the prime principles of security to prevent and respond effectively to information security incidents. In addition, the ISO/IEC 27035 incorporates specific processes for managing information security incidents, events, and potential vulnerabilities.

ISO/IEC 27035 Lead Incident Manager training enables you to acquire the necessary expertise to support an organization in implementing an Information Security Incident Management plan based on ISO/IEC 27035. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO/IEC 27035 also supports the ISO/IEC 27001 by providing guidance for Information Security Incident Management.

After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential. By holding a PECB Lead Incident Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents.

Duration:  05 days

Objectives:

• Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
• Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan
• Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management
• Understand the importance of establishing well-structured procedures and policies for Incident Management processes
• Develop the expertise to manage an effective Incident Response Team

Intended Audience: 

• Information Security Incident managers
• IT Managers
• IT Auditors
• Managers seeking to establish an Incident Response Team (IRT)
• Managers seeking to learn more about operating effective IRTs
• Information Security risk managers
• IT system administration professionals
• IT network administration professionals
• Members of Incident Response Teams
• Individuals responsible for Information Security within an organization

Prerequisites

A fundamental understanding of ISO/IEC 27035 and comprehensive knowledge of Information Security. 

Course outlines:

1. Day 1: Introduction to Information Security Incident Management concepts as recommended by ISO/IEC 27035
2. Day 2: Designing and preparing an Information Security Incident Management plan
3. Day 3: Enacting the Incident Management process and handling Information Security incidents
4. Day 4: Monitoring and continual improvement of the Information Security Incident Management plan
5. Day 5: Certification Exam