ISO/IEC 27035 Lead Incident Manager training enables you to acquire the necessary expertise to support an organization in implementing an Information Security Incident Management plan based on ISO/IEC 27035.
During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO/IEC 27035 also supports the ISO/IEC 27001 by providing guidance for Information Security Incident Management.
Course description:
After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential. By holding a PECB Lead Incident Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents.
Course objectives:
• Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035.
• Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks.
• Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan.
• Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management.
• Understand the importance of establishing well-structured procedures and policies for Incident Management processes.
• Develop the expertise to manage an effective Incident Response Team.
Course outline:
Day 1) Introduction to Information Security Incident Management concepts as recommended by ISO/IEC 27035:
• Course objectives and structure
• Standards and regulatory frameworks
• Information Security Incident Management
• ISO/IEC 27035 core processes
• Fundamental principles of Information Security
• Linkage to business continuity
• Legal and ethical issues
Day 2) Designing and preparing an Information Security Incident Management plan:
• Initiating an Information Security IncidentManagement Process
• Understanding the organization and clarifying the information security incident management objectives.
• Plan and prepare
• Roles and functions
• Policies and procedures
• Roles and functions
• Policies and procedures
Day 3) Enacting the Incident Management process and handling Information Security incidents:
• Communication planning
• First implementation steps
• Implementation of support items
• Detecting and reporting
• Assessment and decisions
• Responses
• Lessons learned
• Transition to operations
Day 4) Monitoring and continual improvement of the Information Security Incident Management plan:
• Further analysis
• Analysis of lessons learned
• Corrective actions
• Competence and evaluation of incident managers
Day 5) Certification Exam:
• Preparation for exam
• Exam
Audience:
• Information Security Incident managers
• IT Managers
• IT Auditors
• Managers seeking to establish an Incident Response Team (IRT)
• Managers seeking to learn more about operating effective IRTs
• Information Security risk managers
• IT system administration professionals
• IT network administration professionals
• Members of Incident Response Teams
• Individuals responsible for Information Security within an organization
Prerequisites:
• A fundamental understanding of ISO/IEC 27035 and comprehensive knowledge of Information Security.
Language:
• English course material, English speaking instructor
Certification:
• The exam duration is three (3) hours. Non-native speakers receive an additional half an hour
• The exam contains essay type questions
As the exam is “open book”, candidates are authorized to use:
• A copy of the standard
• Course notes from the Participant Handout;
• Any personal notes made by the student during the course; and
• A hard copy dictionary