What is included?

• You have 12 months time as of reception of the learning material to learn, do the exam and get your certification
  
• Certification and examination fees are included in the price of the training course 
• Training material containing over 400 pages of information and practical examples will be distributed  
  
• An Attestation of Course Completion worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. 
• In case candidates do not pass the exam, they are entitled to a free retake within 12 months from the date the coupon code is received  
• + 20% reduction on the first year subscription for our all-in-one ISMS/GRC management solution
  

Why should you take this training course?

The growing number of organizations that support remote work has increased the use of cloud computing services, which has, in turn, increased the demand for a secure cloud infrastructure proportionally. 

This training course is designed to help participants acquire the knowledge and skills needed to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program based on ISO/IEC 27017 and ISO/IEC 27018. It provides a comprehensive elaboration of cloud computing concepts and principles, cloud computing security risk management, cloud-specific controls, cloud security incident management, and cloud security testing.

The training course is followed by the certification exam. If you successfully pass it, you can apply for a “PECB Certified Lead Cloud Security Manager” credential. A PECB Lead Cloud Security Manager Certificate demonstrates your ability and competencies to manage a cloud security program based on best practices.

Who should attend?

This training course is intended for:

• Cloud security and information security professionals seeking to manage a cloud security program 
• Managers or consultants seeking to master cloud security best practices
• Individuals responsible for maintaining and managing a cloud security program
• Technical experts seeking to enhance their cloud security knowledge 
• Cloud security expert advisors

Training course structure

Module 1: Introduction to ISO/IEC 27017 and ISO/IEC 27018, and the initiation of a cloud security program

• Training course objectives and structure
• Standards and regulatory frameworks
• Fundamental cloud computing concepts and principles
• Understanding the organization’s cloud computing architecture
• Information security roles and responsibilities related to cloud computing
• Information security policy for cloud computing

Module 2: Cloud computing security risk management and cloud-specific controls

• Cloud computing security risk management
• Selection and design of cloud-specific controls
• Implementation of cloud-specific controls (part 1)

Module 3: Documented information management and cloud security awareness and training

• Implementation of cloud-specific controls (part 2)
• Documented information management in the cloud
• Cloud security awareness and training

Module 4: Cloud security incident management, testing, monitoring, and continual improvement

• Cloud security incident management
• Cloud security testing
• Monitoring, measurement, analysis, and evaluation
• Continual improvement
• Closing of the training course

Certification Exam

Learning objectives

Upon successfully completing the training course, you will be able to:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of a cloud security program 
• Acknowledge the correlation between ISO/IEC 27017, ISO/IEC 27018, and other standards and regulatory frameworks
• Gain the ability to interpret the guidelines of ISO/IEC 27017 and ISO/IEC 27018 in the specific context of an organization
• Develop the necessary knowledge and competence to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program
• Acquire the practical knowledge to advise an organization in managing a cloud security program by following best practices

Examination

The “PECB Certified ISO 28000 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Domain 1: Fundamental principles and concepts of cloud computing
• Domain 2: Information security policy for cloud computing and documented information management
• Domain 3: Cloud computing security risk management
• Domain 4: Cloud-specific controls based on ISO/IEC 27017 and ISO/IEC 27018 and best practices
• Domain 5: Cloud security awareness, training, roles, and responsibilities
• Domain 6: Cloud security incident management
• Domain 7: Cloud security testing, monitoring, and continual improvement

Duration: 3 hours
Location: Online through the PECB app OR in person in one of the PECB exam centers
Preparation: PECB Exam Preparation Guides
Language: The exam is available in multiple other languages and does not need to be taken in the same language as the training material. Additional time can be requested when your native language is not available in your mother tongue (to be requested by candidates on the exam day)
Retake: In case you fail the exam, you can retake it within 12 months following the initial attempt for free

For specific information about the exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

Certification? 

After successfully passing the exam, you can apply for one of the credentials below. You will receive the certificate once you comply with all the relevant requirements.

The requirements for PECB Cloud Security Manager Certifications are as follows:

The cloud security project experience should follow best implementation and management practices and include the following activities:

• 1. Implementing a cloud security program
  2. Managing a cloud security program
  3. Managing documented information in the cloud
  4. Monitoring the cloud security performance
  5. Managing a cloud security team

​For more information about cybersecurity certifications and the PECB certification process, refer to the Certification Rules and Policies..

Contact us on [email protected] if you have other questions