Contact Us

ISO_27035 Security Incident Management Foundation

Cybersecurity

Course Overview


This course enables participants to learn about the best practices for implementing and managing a security incident management process throughout their organization using the ISO/IEC 27035 standard as a reference framework. This training is fully compatible with ISO/IEC 27035, which supports ISO/IEC 27001 by providing guidance for incident management. The course material has also taken into consideration leading industry standards, such as NIST SP 800-61.


Duration: 2 days / 16 hours

Delivery Method: Classroom-based, Virtual Instructor-Led Training


WHY SHOULD YOU ATTEND?

·      ISO/IEC 27035 Foundation training enables you to learn the basic elements to implement an Incident Management Plan and manage Information Security Incidents. During this training course, you will be able to understand Information Security Incident Management processes.

·      After completing this course, you can sit for the exam and apply for the “PECB Certificate Holder in ISO/IEC 27035 Foundation” certificate. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, and management approach.

 

WHO SHOULD ATTEND?

·      Individuals interested in Information Security Incident Management process approaches

·      Individuals seeking to gain knowledge about the main principles and concepts of Information Security Incident Management

·      Individuals interested to pursue a career in Information Security Incident Management

 

LEARNING OBJECTIVES

·      Understand the basic concepts of Information Security Incident Management

·      Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks

·      Understand the process approaches used to effectively manage Information Security Incidents


EDUCATIONAL APPROACH

·      Lecture sessions are illustrated with practical questions and examples

·      Practical exercises include examples and discussions

·      Practice tests are similar to the Certificate Exam

 

PREREQUISITES

·      Basic knowledge on Security Incident Management is preferred.



Course Outline


Day 1 - Introduction to the incident management framework, according to ISO/IEC 27035

·      Information security incident management

·      The ISO/IEC 27035 core processes

·      Fundamental principles of information security

·      Linkage to business continuity

·      Legal and ethical issues


Day 2 - Organizational Incident Management Process based on ISO/IEC 27035

·      Initiating a Security Incident Management Process

·      Understanding the organization and clarifying the objectives

·      Plan and prepare

·      Roles and functions

·      Policies and procedures

·      Analysis of lessons learned

·      Corrective actions

·      Competence and evaluation of incident managers

·      ISO/IEC 27035 Foundation exam

REGISTER NOW