Course Overview
This course enables participants to learn about the best practices for implementing and managing an incident management process throughout their organization using the ISO/IEC 27035 standard as a reference framework. This training is fully compatible with ISO/ IEC 27035, which supports ISO/IEC 27001 by providing guidance for incident management. The course material has also taken into consideration leading industry standards, such as NIST SP 800-61.Who should attend?
- Members of an Information Security Risk Management team
- Professionals wanting to gain a comprehensive knowledge of the main processes of Incident Management
- Staff involved in the implementation of the ISO/IEC 27035 standard
- Persons responsible for information security or conformity within an organization
- Business Continuity Managers
Learning objectives
- To understand the implementation of an Incident Management process
- To understand the relationship between an Incident Management process with the requirements of different stakeholders of the organization
- To know the concepts, approaches, standards, methods and techniques allowing an effective Information Security Incident Management based on ISO/IEC 27035
- To acquire the necessary knowledge to contribute in implementing an ongoing information security incident management program according to ISO/IEC 27035
Course Agenda
Day 1: Introduction to the incident management framework, according to ISO/IEC 27035- Information security incident management
- The ISO/IEC 27035 core processes
- Fundamental principles of information security
- Linkage to business continuity
- Legal and ethical issues
- Initiating a Security Incident Management Process
- Understanding the organization and clarifying the objectives
- Plan and prepare
- Roles and functions
- Policies and procedures
- Analysis of lessons learned
- Corrective actions
- Competence and evaluation of incident managers •
Prerequisites
Basic knowledge of Incident Management is preferred.Educational approach
- This training is based on both theory and practice:
- Sessions of lectures illustrated with examples based on real cases
- Review exercises to assist the exam preparation
- Practice test similar to the certification exam
- To benefit from the practical exercises, the number of training participants is limited
Search Course
LATEST COURSES
Managing Operational Incidents
January 30,2023 / 0 Comments
Implementing Risk and Resilience
January 30,2023 / 0 Comments
Resilient Culture
January 27,2023 / 0 Comments