ISO/IEC 27035 Lead Incident Manager

The RQBSA ISO/IEC 27035 Lead Incident Manager training course provides participants with the expertise needed to assist organizations in establishing and executing a comprehensive process for managing information security incidents. Based on the ISO/IEC 27035 series and industry best practices, this course covers the full incident lifecycle—from preparation and response to post-incident activities. Additionally, participants will gain insights into the role of key stakeholders and the significance of collaboration with other organizations to effectively address security incidents.

Why Attend?

In today’s digital landscape, information security incidents—whether intentional or accidental—are almost unavoidable, affecting businesses across various industries. This course equips participants with the skills to detect, assess, respond to, and report security incidents, helping organizations protect their data and minimize operational disruptions.

Aligned with ISO/IEC 27001, ISO/IEC 27005, and other standards in the ISO/IEC 27000 series, this training offers practical guidance on managing security incidents.

Upon successfully completing the course and passing the exam, participants can apply for the “RQBSA Certified ISO/IEC 27035 Lead Incident Manager” credential, demonstrating their expertise in strategically managing and mitigating security incidents.

Who Should Attend?

This course is ideal for:

  • Managers or consultants looking to enhance their understanding of security incident management
  • Professionals responsible for forming and leading Incident Response Teams (IRTs)
  • IT and security risk managers aiming to strengthen their incident response capabilities
  • Incident response team members handling security incidents
  • Incident response coordinators or individuals responsible for incident handling and response

Learning Objectives

By the end of this course, participants will be able to:

  • Understand the core principles of incident management
  • Develop and implement effective incident response plans tailored to organizational needs
  • Select and structure an incident response team
  • Conduct thorough risk assessments to identify threats and vulnerabilities
  • Apply international best practices to enhance incident response effectiveness
  • Perform post-incident analysis and extract key lessons learned

Educational Approach

  • The course blends theoretical concepts with practical best practices for managing security incidents
  • Includes essay-based exercises and multiple-choice quizzes, some structured around real-world scenarios
  • Encourages collaboration and interactive discussions among participants
  • The quiz format mirrors the certification exam, ensuring participants are well-prepared

Prerequisites

Participants should have a basic understanding of incident management processes, information security principles, and the ISO/IEC 27000 standards family.

Day 1: Introduction to information security incident management concepts and ISO/IEC 27035

Day 2: Designing and preparing an information security incident management plan

Day 3: Detecting and reporting information security incidents

Day 4: Monitoring and continual improvement of the information security incident management process

Day 5: Certification exam

The “RQBSA Certified ISO/IEC 27035 Lead Incident Manager” exam aligns with the RQBSA Examination and Certification Program (ECP) requirements. It evaluates candidates across the following competency domains:

  • Domain 1: Core principles and concepts of information security incident management
  • Domain 2: Information security incident management process based on ISO/IEC 27035
  • Domain 3: Designing and developing an organizational incident management framework in line with ISO/IEC 27035
  • Domain 4: Preparing and implementing an incident response plan for security incidents
  • Domain 5: Executing incident management processes and overseeing security incidents
  • Domain 6: Enhancing and refining incident management processes and activities

For details on exam format, available languages, and other specifics, please refer to the List of RQBSA Exams and the Examination Rules and Policies.

After successfully passing the exam, you can apply for one of the RQBSA credentials listed below. Certification is awarded upon meeting all the requirements for the selected credential.

RQBSA Certified ISO/IEC 27035 Provisional Incident Manager
  • Exam: RQBSA Certified ISO/IEC 27035 Lead Incident Manager Exam or equivalent
  • Professional Experience: None
  • ISIMMS Project Experience: None
  • Other Requirements: Signing the RQBSA Code of Ethics
RQBSA Certified ISO/IEC 27035 Incident Manager
  • Exam: RQBSA Certified ISO/IEC 27035 Lead Incident Manager Exam or equivalent
  • Professional Experience: Two years, including one year of work experience in Information Security Incident Management
  • ISIMMS Project Experience: 200 hours in ISIM activities
  • Other Requirements: Signing the RQBSA Code of Ethics
RQBSA Certified ISO/IEC 27035 Lead Incident Manager
  • Exam: RQBSA Certified ISO/IEC 27035 Lead Incident Manager Exam or equivalent
  • Professional Experience: Five years, including two years of work experience in Information Security Incident Management
  • ISIMMS Project Experience: 300 hours in ISIM activities
  • Other Requirements: Signing the RQBSA Code of Ethics
RQBSA Certified ISO/IEC 27035 Senior Lead Incident Manager
  • Exam: RQBSA Certified ISO/IEC 27035 Lead Incident Manager Exam or equivalent
  • Professional Experience: Ten years, including seven years of work experience in Information Security Incident Management
  • ISIMMS Project Experience: 1,000 hours in ISIM activities
  • Other Requirements: Signing the RQBSA Code of Ethics
Incident Management Project Experience

The incident management project experience should follow best implementation practices and include:

  • Defining an incident management approach
  • Establishing incident management objectives and scope
  • Conducting risk assessments
  • Developing an incident management program
  • Setting risk evaluation and acceptance criteria
  • Assessing risk treatment options
  • Continuously monitoring and reviewing the incident management program

For more details on ISO/IEC 27035 certifications and the RQBSA Certification process, please refer to the Certification Rules and Policies.

  • The certification and examination fees are included in the training course price.
  • Participants will receive comprehensive training materials with over 450 pages of content, including practical examples, exercises, and quizzes.
  • Upon completing the training course, participants will receive an attestation of course completion, earning 31 CPD (Continuing Professional Development) credits.
  • Candidates who complete the course but do not pass the exam are entitled to one free retake within 12 months from the original exam date.

For further details, please contact us at support@rqbsa.com or visit www.rqbsa.com.

Get in touch with us today to begin your journey and take the first step toward achieving ISO/IEC 27035 certification.

Contact Us

Course Information

Training Days: 5

CPD Certification (Credits): 31

Exam Duration : 3 hours

Retake Exam: Yes

Courses

ISO/IEC 27035 Foundation

ISO/IEC 27035 Lead Incident Manager

Resources

Download Training details

ISO/IEC 27035 Info Kit

RABQSA offers the ISO/IEC 27035 Information Security Management training and certification that helps your organization secure their valuable information.

Learn more

choose the training that fits your career goals and get certified with RABQSA!

Contact Us
  • support@rabqsa.com
  • Rabqsa
  • Rabqsa
  • Rabqsa

Training & Certification

Resources

Network

Certification

  • • Certification Rules and Policies
  • • Certification Maintenance
  • • Certificate Verification
  • • Master Credentials

Company

  • • About Us
  • • Affiliations
  • • Jobs
  • • Leadership, Committees and Advisory Boards
  • • RABQSA Code of Ethics

© 2025 RABQSA. All rights reserved.

Terms and Conditions

Facebook Linkedin Twitter