CONTACT US twitter facebook

Lead Cloud Security Manager

Course description

This training programme is structured to empower participants with the knowledge and practical skills necessary to aid an organization in planning, executing, overseeing, and sustaining a cloud security programme according to ISO/IEC 27017 and ISO/IEC 27018 standards. The course offers a thorough exploration of cloud computing fundamentals, risk management related to cloud security, cloud-specific controls, handling of cloud security incidents, and cloud security testing.

Upon completion of the course, a certification examination follows. Passing the exam enables you to obtain the "Certified Lead Cloud Security Manager" certification, a testament to your capability and proficiency in managing a cloud security programme in line with industry best practices.

Target audience

  • Professionals specializing in cloud security and information security looking to take on the management of a cloud security programme
  • Consultants or managers aiming to gain a deep understanding of cloud security best practices
  • Individuals tasked with the upkeep and management of a cloud security programme
  • Technical experts interested in expanding their knowledge of cloud security
  • Advisors recognized as experts in cloud security

Learning outcomes

Course delegates will;

  • Obtain a thorough understanding of the strategies, techniques, approaches, and methods necessary for the deployment and efficient management of a cloud security programme
  • Understand the correlation between ISO/IEC 27017, ISO/IEC 27018, and other standards, as well as regulatory frameworks
  • Develop the skill to interpret the guidelines of ISO/IEC 27017 and ISO/IEC 27018 within the unique context of an organization
  • Acquire the required expertise and knowledge to assist an organization in planning, executing, managing, overseeing, and maintaining a cloud security programme effectively
  • Gain the practical know-how to guide an organization in managing a cloud security programme according to best practices

Our approach

  • Theoretical foundations, methodologies, and industry best practices related to ISO management system audits
  • Instructional sessions enriched with examples derived from real-world case studies
  • Hands-on exercises grounded in a relevant case study
  • Interactive dialogue among participants through queries and recommendations
  • Individual and scenario-driven quizzes designed to help participants prepare for the certification examination


A foundational understanding of ISO/IEC 27017 and ISO/IEC 27018 and a general understanding of cloud computing concepts.

Course Overview

  • Module 1 Foundations of cloud computing 
  • Module 2 Policies for cloud computing 
  • Module 3 Cloud computing security risk assessments 
  • Module 4 Cloud-specific controls assessment and definitions 
  • Module 5 Cloud security awareness and training for staff 
  • Module 6 Incident management requirements based on ISO27035 
  • Module 7 Risk monitoring, reporting and development of a risk treatment plan, and continual improvement

Course Agenda

  • Day 1: Introduction to ISO/IEC 27017 and ISO/IEC 27018 and the initiation of a cloud security programme based on Prince2
  • Day 2: Cloud computing security risk assessment and management
  • Day 3: Risk treatment planning and activities
  • Day 4: Security incident management, monitoring, and improvement


  • All candidates at official training courses are tested throughout their course with quizzes and exercises, in combination with a final exam held on the last day of the course.  Both elements are a part of the overall score. For this course, the final exam constitutes a 12 question essay type which should be completed within 180 minutes. A passing score is achieved at 70%. Self-study candidates can purchase an exam voucher from our Store.
  • Exam results are returned within 24 hours, with successful candidates receiving both a digital badge and a Certificate of Achievement
download pdf