ISO/IEC 27035 Lead Incident Manager - Training & Certification

Develop the expertise to lead and manage information security incident response with the PECB ISO/IEC 27035 Lead Incident Manager training course. Based on the internationally recognized ISO/IEC 27035 standard, this self-paced certification program equips professionals with the knowledge and practical skills to establish, implement, manage, and continually improve an Information Security Incident Management (ISIM) process.

Participants learn how to design incident response plans, coordinate incident response teams, assess and manage security incidents, perform post-incident reviews, and strengthen organizational resilience using internationally recognized best practices. Upon successfully passing the certification examination, participants may apply for the PECB Certified ISO/IEC 27035 Lead Incident Manager credential.

Why Should You Attend?

Information security incidents have become an inevitable challenge for organizations across every industry. Cyberattacks, insider threats, ransomware, phishing campaigns, and accidental data exposures can disrupt operations, damage reputations, and result in significant financial losses.

The ISO/IEC 27035 Lead Incident Manager training course prepares professionals to manage the complete incident lifecycle—from planning and preparation to detection, response, recovery, and continual improvement. Aligned with ISO/IEC 27035 and complementary standards including ISO/IEC 27001 and ISO/IEC 27005, this course provides practical guidance for building effective incident management programs that strengthen organizational resilience.

Who Should Attend?

This course is designed for:

• Information security managers

• Cybersecurity managers

• Incident response managers

• Incident response team (IRT) members

• Security Operations Center (SOC) professionals

• Governance, Risk, and Compliance (GRC) professionals

• IT managers and administrators

• Information security consultants

• Risk management professionals

• Professionals responsible for developing incident response plans

• Individuals pursuing advanced incident management certifications

Learning Objectives

Upon completion of this course, participants will be able to:

• Explain the principles of information security incident management

• Develop and implement effective incident response plans

• Establish and manage incident response teams

• Conduct risk assessments to identify threats and vulnerabilities

• Apply international best practices for incident management

• Coordinate incident detection, reporting, response, and recovery activities

• Conduct post-incident reviews and identify lessons learned

• Continually improve organizational incident management processes

Educational Approach

This self-study certification program combines official PECB course materials with practical exercises based on real-world incident management scenarios.

Participants receive:

• Official PECB training materials

• More than 450 pages of comprehensive course content

• Practical examples and case studies

• Scenario-based exercises

• Interactive quizzes

• Certification exam preparation resources

Practice quizzes closely reflect the certification examination and help participants prepare with confidence.

Prerequisites

Participants should have:

• General knowledge of information security

• Familiarity with incident management processes

• Understanding of the ISO/IEC 27000 family of standards

Previous experience with information security or cybersecurity is recommended.

Course Agenda

Day 1

• Introduction to information security incident management

• ISO/IEC 27035 concepts and principles

Day 2

• Designing and preparing an incident management plan

Day 3

• Detecting and reporting information security incidents

Day 4

• Monitoring incident management activities

• Continual improvement of the incident management process

Day 5

• Certification examination

Examination

The PECB Certified ISO/IEC 27035 Lead Incident Manager examination meets the requirements of the PECB Examination and Certification Program (ECP).

The examination evaluates the following competency domains:

Domain 1

Fundamental principles and concepts of information security incident management

Domain 2

Information security incident management processes based on ISO/IEC 27035

Domain 3

Designing and developing an organizational incident management process

Domain 4

Preparing and executing incident response plans

Domain 5

Managing information security incidents

Domain 6

Continual improvement of incident management processes

Certification Requirements

After successfully passing the certification examination, participants may apply for one of the following credentials.

PECB Certified ISO/IEC 27035 Provisional Incident Manager

Requirements include:

• Successful completion of the certification examination

• No professional experience required

• Agreement to the PECB Code of Ethics

PECB Certified ISO/IEC 27035 Incident Manager

Requirements include:

• Two years of professional experience, including one year in Information Security Incident Management

• 200 hours of Information Security Incident Management project experience

• Agreement to the PECB Code of Ethics

PECB Certified ISO/IEC 27035 Lead Incident Manager

Requirements include:

• Five years of professional experience, including two years in Information Security Incident Management

• 300 hours of Information Security Incident Management project experience

• Agreement to the PECB Code of Ethics

PECB Certified ISO/IEC 27035 Senior Lead Incident Manager

Requirements include:

• Ten years of professional experience, including seven years in Information Security Incident Management

• 1,000 hours of Information Security Incident Management project experience

• Agreement to the PECB Code of Ethics

Qualifying incident management activities include:

• Defining an incident management approach

• Establishing incident management objectives and scope

• Performing risk assessments

• Developing incident management programs

• Defining risk evaluation and acceptance criteria

• Evaluating risk treatment options

• Monitoring and continually improving incident management programs

General Information

Participants receive:

• Official PECB certification examination included with course registration

• One complimentary exam retake within 12 months if the first attempt is unsuccessful (subject to PECB policies)

• More than 450 pages of official training materials

• Practical exercises and scenario-based learning

• Certificate of course completion

• 31 Continuing Professional Development (CPD) credits

Training Format

Self-Study

Complete the course at your own pace using official PECB training materials, practical exercises, quizzes, case studies, and certification preparation resources. The flexible online format allows professionals to build advanced incident management expertise while preparing for the ISO/IEC 27035 Lead Incident Manager certification examination.