Certified Information Security Incident Management (ISO 27035)

Target Students

Information Security professionals

IT managers and system administrators

Incident response team members

Risk management professionals

Compliance officers

Individuals seeking certification in information security incident management

Duration: 4 days (32 hours of instruction)

Learning Objectives

- Understand the principles and framework of ISO 27035 for managing information security incidents.

- Learn how to establish an effective incident management plan.

- Gain skills in identifying, analyzing, and responding to security incidents.

- Develop expertise in coordinating and managing an incident response team.

- Understand the post-incident activities, including reporting, investigation, and root cause analysis.

- Learn to continuously improve incident management practices within the organization.

Exam Formats
 

Multiple-choice questions

Scenario-based analysis

Short answer questions

Exam Options
 

Online proctored exams

In-person at authorized testing centers

Exam Duration
 

Each exam: 90 minutes

Passing Score

70% for each exam

Exam Codes
 
  • ISIM-001: Incident Management Fundamentals

  • ISIM-002: Incident Response Planning and Execution

  • ISIM-003: Post-Incident Analysis and Continuous Improvement

Course Outline
Introduction to Information Security Incident Management
  • Overview of ISO 27035 Framework

      • Understanding the scope and structure of ISO 27035

      • Importance of incident management in information security

      • The role of incident management in maintaining organizational resilience

  • Types of Information Security Incidents

      • Classification of incidents (e.g., data breaches, malware attacks, insider threats)

      • Common sources of security incidents

      • Impact of incidents on business operations

Establishing an Incident Management Program
  • Incident Management Policy Development

      • Crafting a comprehensive incident management policy

      • Aligning the policy with organizational objectives and compliance requirements

      • Roles and responsibilities in incident management

  • Building an Incident Response Team (IRT)

      • Defining the structure and roles of the IRT

      • Skills and competencies required for IRT members

      • Coordination and communication within the IRT

  • Incident Response Planning

      • Developing an incident response plan (IRP)

      • Identifying key steps in incident handling and response

      • Integration of IRP with other organizational processes (e.g., business continuity, disaster recovery)

Incident Detection and Analysis
  • Incident Detection Techniques

      • Tools and technologies for detecting security incidents

      • Monitoring and logging activities for incident detection

      • Threat intelligence and early warning systems

  • Incident Classification and Prioritization

      • Assessing the severity and impact of incidents

      • Categorizing incidents for appropriate response

      • Prioritization criteria for incident handling

  • Incident Investigation and Forensics

      • Gathering and preserving evidence

      • Conducting forensic analysis to determine the cause and extent of incidents

      • Legal considerations and maintaining the chain of custody

Incident Response and Containment
  • Incident Response Procedures

      • Steps for immediate response to various types of incidents

      • Containment strategies to minimize damage

      • Communication protocols during an incident

  • Coordination with External Parties

      • Engaging with external experts and service providers

      • Reporting to regulatory bodies and stakeholders

      • Collaboration with law enforcement agencies

  • Recovery and Remediation

      • Steps to restore systems and data after an incident

      • Mitigation of vulnerabilities and prevention of recurrence

      • Documentation of response activities and lessons learned

Post-Incident Activities and Continuous Improvement
  • Post-Incident Review and Reporting

      • Conducting a post-incident review (PIR)

      • Preparing incident reports for internal and external stakeholders

      • Analysis of incident response effectiveness

  • Root Cause Analysis

      • Techniques for identifying root causes of incidents

      • Developing corrective actions to prevent future incidents

      • Integration of findings into the incident management process

  • Continuous Improvement of Incident Management

      • Regular updates to the incident management plan

      • Training and awareness programs for staff

      • Leveraging feedback and metrics to enhance incident management practices

Final Review and Certification Exam Preparation
  • Review Session

      • Recap of key concepts and best practices covered in the course

      • Practice questions and exam strategies

  • Q&A Session

      • Addressing any outstanding questions or concerns

      • Guidance on applying incident management practices in real-world scenarios
