ISO/IEC 27035: Foundation
The ISO/IEC 27035: Foundation course provides participants with a comprehensive understanding of information security incident management based on ISO/IEC 27035, the international standard that defines best practices for planning, establishing, operating, and continually improving incident management processes. ISO/IEC 27035 is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It complements ISO/IEC 27001 by providing structured guidance on how organizations detect, respond to, recover from, and learn from information security incidents. This Foundation-level course goes beyond awareness and introduces practical concepts, roles, processes, and documentation required for effective incident management. It prepares participants to support incident response activities, ISMS operations, audits, and continual improvement initiatives, and serves as a prerequisite for advanced ISO/IEC 27035 certifications. Course Objectives By the end of this course, participants will be able to: Understand the requirements and guidance of ISO/IEC 27035 Explain the information security incident management lifecycle Understand roles, responsibilities, and governance for incident management Support detection, reporting, assessment, and response activities Understand how incident management integrates with an ISMS Prepare for the ISO/IEC 27035 Foundation certification examination
Course Curriculum
1
- Information security events vs incidents
- Types of information security incidents
- Impact of incidents on business operations
- Objectives of incident management
2
- Purpose and scope of ISO/IEC 27035
- Structure of the standard
- Intended users and benefits
- Relationship with ISO/IEC 27001 and ISO/IEC 27002
3
- Structured and systematic response
- Timeliness and coordination
- Communication and escalation
- Continual improvement
4
- Planning and preparation
- Detection and reporting
- Assessment and decision-making
- Response and recovery
- Lessons learned and improvement
5
- Incident management policy and procedures
- Roles, responsibilities, and teams
- Incident response plans and playbooks
- Awareness and readiness
6
- Incident detection sources
- Reporting channels and escalation paths
- Incident logging and tracking
- Classification and prioritization
7
- Containment and eradication
- Recovery activities
- Coordination with business continuity
- Communication during incidents
8
- Incident records and reports
- Evidence collection and preservation (overview)
- Supporting investigations and audits
- Documentation control
9
- Post-incident review and lessons learned
- Root cause analysis (overview)
- Corrective and preventive actions
- Improving incident management processes
10
- Supporting ISO/IEC 27001 requirements
- Linking incidents to risk management
- Management review inputs
- Audit considerations
11
- Review of ISO/IEC 27035 Foundation syllabus
- Sample questions and exam techniques
- Certification exam guidance
12
- Information security and IT professionals
- ISMS implementers and coordinators
- Incident response and SOC team members
- Risk, compliance, and governance professionals
- Internal auditors and consultants
- Professionals preparing for ISO/IEC 27035 Foundation certification
13
- ISO/IEC 27035 Introduction or equivalent knowledge
- Basic understanding of information security concepts
This course includes
- 13+ Activity Modules
- 40 hours + lessons
- Lifetime access
- Certificate of completion
- Available on desktop and mobile
Some of Our Partners
