hr en

PECB Certified ISO/IEC 27035 Foundation

Become acquainted with the best practices for implementing and managing a Security Incident Management Process based on ISO/IEC 27035


This course enables participants to learn about the best practices for implementing and managing an incident management process throughout their organization using the ISO/IEC 27035 standard as a reference framework. This training is fully compatible with ISO/ IEC 27035, which supports ISO/IEC 27001 by providing guidance for incident management. The course material has also taken into consideration leading industry standards, such as NIST SP 800-61.


Who should attend?

  • Members of an Information Security Risk Management team
  • Professionals wanting to gain a comprehensive knowledge of the main processes of Incident Management
  • Staff involved in the implementation of the ISO/IEC 27035 standard
  • Persons responsible for information security or conformity within an organization
  • Business Continuity Managers

Learning objectives

  • To understand the implementation of an Incident Management process
  • To understand the relationship between an Incident Management process with the requirements of different stakeholders of the organization
  • To know the concepts, approaches, standards, methods and techniques allowing an effective Information Security Incident Management based on ISO/IEC 27035
  • To acquire the necessary knowledge to contribute in implementing an ongoing information security incident management program according to ISO/IEC 27035

Course Agenda

Day 1: Introduction to the incident management framework, according to ISO/IEC 27035 

  • Information security incident management
  • The ISO/IEC 27035 core processes
  • Fundamental principles of information security
  • Linkage to business continuity
  • Legal and ethical issues

Day 2: Organizational Incident Management Process based on ISO/IEC 27035

  • Initiating a Security Incident Management Process
  • Understanding the organization and clarifying the objectives
  • Plan and prepare
  • Roles and functions
  • Policies and procedures
  • Analysis of lessons learned
  • Corrective actions
  • Competence and evaluation of incident managers 

Day 3: Certification Exam


Basic knowledge of Incident Management is preferred.

Educational approach

  • This training is based on both theory and practice:
  • Sessions of lectures illustrated with examples based on real cases
  • Review exercises to assist the exam preparation
  • Practice test similar to the certification exam
  • To benefit from the practical exercises, the number of training participants is limited
  • Examination and Certification
  • The “PECB Certified ISO/IEC 27035 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
  • Domain 1: Fundamental principles and concepts of Incident Management 
  • Domain 2: Information Security Incident Management
  • The “PECB Certified Security Incident Foundation” exam is available in different languages (the complete list of languages can be found in the examination application form)
  • Duration: 1 hour
  • For more information about exam, refer to PECB section on PECB Certified Security Incident Foundation
  • A certificate of "PECB Certified ISO/IEC 27035 Foundation" will be issued to participants who successfully pass the exam and comply with all the other requirements related to this credential

General Information

  • Certification fees are included in the exam price
  • A student manual containing over 200 pages of information and practical examples will be distributed to participants
  • A participation certificate of 14 CPD (Continuing Professional Development) credits certificate will be issued to participants
  • In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions

Price: 5.750,00 Kn + VAT

ZIH d.o.o., tel:  01/4855-271, 4855-273, fax: 01/4855-272, e-mail:


download download