Skip to main content

Description

The ISO/IEC 27035 Lead Incident Manager course provides participants with the skills and knowledge they need to help organizations establish and implement an effective information security incident management process. Based on the ISO/IEC 27035 series of standards and other best practices in incident management, this course covers the entire incident lifecycle, from planning to managing post-incident activities. Participants will also explore the role of key stakeholders and the importance of inter-organizational collaboration for effective information security incident management.

Why take part in this training course?

In the digital age, information security incidents, whether intentional or accidental, are almost inevitable and can affect organizations of all sizes and sectors. Learning to manage the complexities of incident detection, assessment, response and reporting enables participants to help organizations protect their data and mitigate the negative impact on their business.
The course is aligned with ISO/IEC 27001, ISO/IEC 27005 and other standards in the ISO/IEC 27000 series, and provides practical recommendations for strengthening information security.
On successful completion of the course, participants will have the opportunity to apply for the title of “PECB Certified ISO/IEC 27035 Lead Incident Manager”, attesting to their expertise in the strategic and effective management of information security incidents.

Day 1: Introduction to information security incident management and ISO 27035  

  • General presentation of the course.
  • Review of current standards and regulations.
  • Fundamental concepts of information security incident management.
  • Introduction to ISO/IEC 27035:2016.
  • Basic principles of information security.
  • Business continuity.
  • Legal and ethical issues related to incident management.


Day 2: Designing and preparing an incident management plan

  • Launching an incident management process.
  • Organization and objectives associated with incident management.
  • Necessary planning and preparation.
  • Definition of roles and responsibilities.
  • Draw up procedures and policies.


Day 3: Incident management process launch and handling

  • Communications planning.
  • Initial steps to set up the process.
  • Installation of necessary support elements.
  • Incident detection and reporting.
  • Incident assessment and decision-making.
  • Implementation of incident responses.
  • Analysis of lessons learned.
  • Transfer operations for effective follow-up.


Days 4 and 5: Monitoring and continuous improvement of the incident management plan

  • Further analysis to refine the process.
  • Evaluate lessons learned from previous incidents.
  • Implement appropriate corrective measures.
  • Assess incident managers' skills.
  • Final half-day :
    Taking the ISO/IEC 27035 Lead Incident Manager certification exam (duration: 3 hours).
    Please note: The course material for the PECB ISO/IEC 27035 Lead Incident Manager training course is available in French.

This course is designed for :

  • Managers or consultants wishing to deepen their knowledge of information security incident management
  • Professionals looking to set up and manage effective incident response teams
  • IT professionals and information security risk managers wishing to enhance their knowledge of information security incident management
  • Incident response team members
  • Incident response coordinators or other roles with responsibilities in incident handling and response 

The main prerequisite for taking part in this training course is a general knowledge of incident management processes, information security principles and the ISO/IEC 27000 family of standards.

After successfully completing this course, participants will be able to:

  • Explain the fundamentals of incident management
  • Develop and implement effective incident response plans and select an incident response team
  • Perform in-depth risk assessments to identify potential threats and vulnerabilities within an organization
  • Apply best practices from various international standards to improve the effectiveness and efficiency of incident response efforts
  • Conduct post-incident analysis and identify lessons learned

We design, build and support digital products for clients who want to make a positive impact in their industry. Creative with technology, we develop great solutions to help our clients grow and especially by strengthening our relationships based on continuous improvement, maintenance, support and hosting services.

Follow us