CONTACT US twitter facebook

ISO 27035 Incident Manager

Course description

The ISO/IEC 27035 Lead Incident Manager training provides the expertise necessary to guide an organization in implementing an Information Security Incident Management plan in accordance with ISO 27035. Throughout this course, you'll gain in-depth knowledge of a process model designed to help create and evolve an organizational incident management plan. This training aligns with ISO/IEC 27035 and reinforces ISO/IEC 27001 by offering guidance on Information Security Incident Management.

After thoroughly understanding all vital aspects of Information Security Incident Management, you can proceed to take the exam. If you pass, you'll earn the “ISO/IEC 27035 Incident Manager” certificate. This certification serves as proof of your practical understanding and professional competence to support and guide a team in managing Information Security Incidents.

Target audience

  • Information Security Incident Management professionals
  • IT Department Heads
  • IT Audit Specialists
  • Managers aiming to form an Incident Response Team (IRT)
  • Managers seeking to enhance the operation of existing IRTs
  • Information Security Risk Management personnel
  • IT System Administrators
  • IT Network Administrators
  • Members participating in Incident Response Teams
  • Professionals tasked with overseeing Information Security within their organization

Learning outcomes

  • Grasp the principles, methods, tools, and approaches needed for effective Information Security Incident Management in accordance with ISO/IEC 27035
  • Recognize the correlation between ISO/IEC 27035 and other standards as well as regulatory frameworks
  • Develop the expertise necessary to guide an organization in implementing, managing, and maintaining an efficient Information Security Incident Response plan
  • Gain the proficiency required to counsel organizations about the best practices in Information Security Incident Management
  • Understand the significance of establishing robust procedures and policies for Incident Management processes
  • Cultivate the know-how needed to lead a successful Incident Response Team

Our approach

  • Training is based on both theory and best practices used in the definition and implementation of an Information Security Incident Management framework 
  • Modules are illustrated with a real world case study
  • Practical exercises are also based on a case study which includes role playing and discussions
  • Quiz questions are similar to the Certification Exam


  • An understanding of ISO/IEC 27035 and knowledge of Information Security frameworks.

Course Overview

  • Module 1: Basic concepts and principles of Information Security Incident Management
  • Module 2: Best practices in Information Security Incident Management based on ISO/IEC 27035
  • Module 3: Creation and development of an Organizational Incident Management process in line with ISO/IEC 27035
  • Module 4: Preparation for Information Security incidents and deployment of an Incident Management Plan
  • Module 5: Activation of the Incident Management Process and handling of Information Security Incidents
  • Module 6: Measuring performance and monitoring processes
  • Module 7: Enhancement of Incident Management processes and activities

Course Agenda

  • Day 1:  Foundational Information Security Incident Management principles and concepts
  • Day 2: Developing an Information Security Incident Management plan
  • Day 3: Envoking the Incident Management process and managing Information Security incidents
  • Day 4: Monitoring and improving the Information Security Incident Management framework, as well as the Certification Exam


  • All candidates at official training courses are tested throughout their course with quizzes and exercises, in combination with a final exam held on the last day of the course.  Both elements are a part of the overall score. For this course, the final exam constitutes a 12 question essay type which should be completed within 180 minutes. A passing score is achieved at 70%. Self-study candidates can purchase an exam voucher from our Store.
  • Exam results are returned within 24 hours, with successful candidates receiving both a digital badge and a Certificate of Achievement
download pdf