Loading...
Integrated Specialist Program in Information Security Incident Management, Business Continuity, and Disaster Recovery Manager
Description: After completing the course, participants will be able to demonstrate the following competences:
  • Plan and manage a full incident response lifecycle in accordance with ISO/IEC 27035.
  • Detect, classify, report, and resolve information security incidents using structured processes.
  • Define and maintain a Business Continuity Management System (BCMS) in line with ISO 22301.
  • Conduct BIA, assign continuity objectives, and plan effective emergency procedures.
  • Develop and execute disaster recovery strategies aligned with ISO/IEC 27031.
  • Identify critical systems and resources, define RTOs, and assign DR roles and responsibilities.
  • Evaluate incidents and recovery exercises, extract lessons learned, and process improvement.
Previous skills/knowledge: Participants are expected to have the following basic knowledge:
  • Familiarity with ISO/IEC 27001 and basic information security principles.
  • Understanding of risk management, organizational resilience, and digital infrastructure.
  • Basic awareness of management systems (PDCA) and their role in maintaining operations.
Authorized Partners:
TRAINING LINK
Teaching requirements: Trainers should meet the following requirements:
  • Subject Matter Expertise: deep and broad knowledge of ISO/IEC 27035-1/2/3/4, ISO 22301, ISO/IEC 27031, and proven experience in implementing ISMS, BCMS, and DR frameworks.
  • Certifications: recommended credentials include ISO/IEC 27001, ISO/IEC 27031, and ISO 22301 Lead Implementer or Auditor, and specialized qualifications in incident handling, continuity coordination, and disaster recovery.
  • Training & Practical Experience: minimum of 3 years in the field, covering incident response, BIA and risk analysis, business continuity planning, DR testing and coordination of crisis or recovery teams.
Objectives to achieve: The course aims to achieve the following objectives:
  • Understand the purpose, structure, and interrelation of ISO/IEC 27035, ISO 22301, and ISO/IEC 27031.
  • Gain practical skills in detecting, reporting, analyzing, and responding to information security incidents.
  • Conduct Business Impact Analyses and risk assessments to define continuity priorities.
  • Develop and document business continuity strategies, plans, and communication protocols.
  • Design, implement, and test disaster recovery plans aligned with ICT system dependencies.
  • Lead and coordinate multidisciplinary teams across incident, continuity, and recovery domains.
  • Integrate the outcomes of incident response, continuity operations, and recovery learning into management reviews and improvement processes.

Authorized Partners:
ICONTEC