ISO/IEC 27035 Lead Incident Manager Course Overview:

ISO/IEC 27035 Lead Incident Manager training enables participants to develop expertise in implementing an Information Security Incident Management plan based on ISO/IEC 27035. The course provides comprehensive knowledge of designing and developing organizational incident management plans. It aligns with ISO/IEC 27001, offering guidance for Information Security Incident Management. After mastering the concepts, participants can take the exam and apply for the “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential, showcasing their practical knowledge and leadership capabilities in managing Information Security Incidents.

Intended Audience:

• Information Security Incident managers
• IT Managers
• IT Auditors
• Managers seeking to establish an Incident Response Team (IRT)
• Managers seeking to learn more about operating effective IRTs
• Information Security risk managers
• IT system administration professionals
• IT network administration professionals
• Members of Incident Response Teams
• Individuals responsible for Information Security within an organization

Learning Objectives of ISO/IEC 27035 Lead Incident Manager:

• Understanding of ISO/IEC 27035: Develop a comprehensive understanding of the ISO/IEC 27035 standard, focusing on information security incident management principles and practices.
• Incident Management Framework: Gain proficiency in implementing an incident management framework, covering incident identification, reporting, assessment, response, and lessons learned.
• Legal and Regulatory Landscape: Understand the legal and regulatory landscape related to information security incidents, ensuring compliance with relevant laws and standards.
• Roles and Responsibilities in Incident Management: Learn about the roles and responsibilities of key stakeholders involved in incident management, including incident response teams and management.
• Communication and Coordination: Develop effective communication and coordination strategies for managing information security incidents, both internally and externally.
• Incident Identification and Classification: Explore techniques for the identification and classification of information security incidents, ensuring a timely and accurate response.
• Incident Response Planning: Understand the development and implementation of incident response plans, including the establishment of procedures, roles, and communication channels.
• Incident Assessment and Prioritization: Gain insights into the assessment and prioritization of information security incidents, considering the potential impact on the organization.
• Forensic Investigation Techniques: Learn about forensic investigation techniques used in incident management, including the preservation and analysis of evidence.
• Legal and Ethical Considerations in Incident Management: Explore legal and ethical considerations in incident management, emphasizing the importance of lawful and ethical practices.
• Continuous Improvement in Incident Management: Understand the principle of continual improvement in the context of incident management, emphasizing regular reviews and enhancements of processes.
• Documentation Practices: Learn the requirements for documenting incident management processes, ensuring transparency, traceability, and compliance with ISO/IEC 27035.
• Incident Reporting and Communication: Develop effective incident reporting and communication strategies, ensuring that relevant stakeholders are informed in a timely and appropriate manner.
• Collaboration with External Entities: Understand the importance of collaboration with external entities, such as law enforcement and regulatory bodies, in managing complex information security incidents.