Major Incident Response and Investigations

CSARN Global Cyber Academy

Format: Approximately 12 – 15 hours. Online and Self-paced. Using video presentations, written content, e-library and exercises. Study at a time and place suitable for you! Access to course tutor for enquiries and troubleshooting.


 Learning Outcomes and Assessment Criteria


Each Learning Outcome is listed with its Assessment Criteria. Assessment of these outcomes demonstrates a learner can:

Learning Outcome 1.1: Identifying and exploring the role of Incident Response Teams (CERTS)
Assessment Criteria 1.1: Describe and explain the processes and tools involved in Incident Responses and demonstrate an understanding of Incident and Emergency Response Team roles

Learning Outcome 2.1: Examine tools and techniques for Business Continuity and Disaster Recovery and establish underpinning standards, protocols and concepts in fields of DR, BC and Organisational Resilience
Assessment Criteria 2.1: Explain, describe and apply concepts and practices in Business Continuity, Disaster Recovery and Organisational Resilience and apply the concepts to case study environments

Learning Outcome 3.1: Comprehend and describe how major security incidents are investigated and how evidence is contained, analysed and processed
Assessment Criteria 3.1: Research, describe and explain the processes of planned and structured major security incident investigations. Apply frameworks such as the ACPO investigative guidelines and ISO standards for internal investigations (37008) and digital investigations (27037), (27041) and (27042)

Learning Outcome 3.2: Identify and explain laws and guidance in relation to the conduct of professional and structured major security incident investigations
Assessment Criteria 3.2: Explain and apply relevant laws and professional practice in relation to security incidents and investigations



Indicative Content

  • Understanding cyber and physical security ‘threat intelligence’ and security risk management
  • Legal and Ethical Principles underpinning workplace and cyber investigations
  • Understanding forensic science, lawful surveillance methods, forensic evidence and digital forensics
  • Building an investigations plan and resources
  • Implementing various international standards, including generic ones such as ISO 27001 and NIST 800-34 and specialist ones such as ISO 27037
  • Building the right teams for Incident Response and Investigations
  • Integrating Incident Response and Crisis Management
  • Handling, recording and documenting evidence. Reporting and recording activity
  • Business Continuity Management (BCM)
  • Media and communications considerations
  • Devising your organisation’s Incident Response plan


Who should attend?

Workplace investigators. Senior Management Teams, CEOs, Chief Operating Officers, HR Managers and Directors, Chief Security Officers, IT Directors, Branch Managers, Aspiring Directors and Managers. Military and Police (closed sessions upon request).


About the tutor:

Richard Bingley is a cyber security risk manager and investigator. He is the author of several security books, including the upcoming ‘Cyber Terrorism’ publication from IT Governance Press. A former Close Protection and information systems practitioner, he served as senior lecturer for security and resilience at Buckinghamshire New University and, prior to that, as a UK government ministerial events and press manager.

 Fee: £499 + VAT

Award: CSARN Academy Certificate of Achievement.


Credits: Passing this course and an additional 2000-word assessment (submission of an Incident Response Plan) provides 30 credits (UK Ofqual equivalent) for either the Level 4 or Level 5 Diploma in Cyber Security, delivered by the CSARN Global Cyber Academy.


