ISO/IEC 27035 standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to manage information security incidents in time by being familiar with their life cycle. During this training, we will present the ISO/IEC 27035 information security incident management standard, a process model for designing and developing an organizational incident management process, and how companies may use the standard. This training is also fully compatible with ISO/IEC 27035 which supports ISO/IEC 27001 by providing guidance for incident management.
Duration: 4 days
-
"Heavy days as they were packed with loads of information and input. But what was really impressive was both the energy and undisputed experience the instructor showed through the entire week.
Very good and satisfying experience -and I can express this on behalf of all persons joining the training (as I have received only good and positive feedback -> which you know is a pretty hard thing to achieve when you are working with professionals with long experience."
- Head of Hitachi Energy PSIRT
How will I benefit?
- Understand the concepts, approaches, methods, tools and techniques allowing an effective information security incident management according to ISO/IEC 27035
- Have the ability to understand, interpret and provide guidance on how to implement and manage incident management processes based on best practices of ISO/IEC 27035 and other relevant standards
- Acquire the competence to implement, maintain and manage an ongoing information security incident management program according to ISO/IEC 27035
- Gain the competence to effectively advise organizations on the best practices in information security management
Who should attend?
- Incident managers
- Business process owners
- Information security risk managers
- Regulatory compliance managers
- Members of incident response team
- Persons responsible for information security or conformity within an organization
What will I learn?
The programme is broken into five modules:
- Module 1: Introduction, incident management framework according to ISO/IEC 27035
- Module 2: Planning the implementation of an organizational incident management process based on ISO/IEC 27035
- Module 3: Implenting an incident management process
- Module 4: Monitoring, measuring and improving an incident management process
- Module 5: Certificate exam
Learning objectives
- Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035
- Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
- Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan
- Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management
- Understand the importance of establishing well-structured procedures and policies for Incident Management processes
- Develop the expertise to manage an effective Incident Response Team
What's included?
- Lunch
- Refreshments
- Comprehensive course materials
- Certificate of attendance
- Exam
Please note that the exam is included in the price, students can book the exam which is remotely invigilated at a time convenient to you.