The PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager certification is for professionals needing to implement a cybersecurity management process throughout their organization using the ISO/IEC 27032 standard as a reference framework.
The principal competencies and knowledge skills needed by the market are the ability to support an organization in managing cybersecurity management process: planning, implementation, surveillance, re-examination and operation of cyber threats, continual improvement of protection from cyber-attacks, and stakeholders role on resolving Cybersecurity issues.
Various professions may apply for this certification:
- Cybersecurity professionals
- Information security experts
- Project managers wanting to manage the Cybersecurity program
- Technical experts wanting to prepare themselves for Cybersecurity functions
- Persons responsible to develop the Cybersecurity program
- Security and Business Process consultants
The requirements for the “PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager” certifications are:
|Credential||Exam||Professional experience||CSMS project experience||Other requirements|
|ISO/IEC 27032 Provisional Cybersecurity Manager||PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager Exam||Signing the PECB code of ethics|
|ISO/IEC 27032 Cybersecurity Manager||PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager Exam||Two years One year of Cybersecurity Management related||Cybersecurity Management activities totaling 200 hours||Signing the PECB code of ethics|
|ISO/IEC 27032 Lead Cybersecurity Manager||PECB Certified ISO/IEC 27032 Lead Cybersecurity Manager Exam||Five years Two years of Cybersecurity Management related||Cybersecurity Management activities totaling 300 hours||Signing the PECB code of ethics|
For certification purposes, the following implementation types constitute valid implementation experience:
- External/consulting implementation
- Partial implementation
To be considered valid, these implementation activities should follow best implementation practices and include most of the following activities:
- Drafting a cybersecurity implementation business case
- Managing a Cybersecurity operation project
- Implementing and managing Cybersecurity processes based on ISO/IEC 27032
- Implementing objectives
- Implementing corrective or preventive action
- Performing internal controls
- Performing a management review
- Managing a Project team
Professional references must be from individuals who have professionally worked with you and can validate your service expertise in cybersecurity activities, current and previous work history, as well as your job performance. You cannot use anyone as a reference who falls under your supervision nor is a relative. At least two professional references are required.
Complete information is required: including job title, beginning dates, end dates, responsibilities and more. Summarize each assignment, providing sufficient detail to describe the nature of the responsibilities that you have had. This information can be detailed in your resume.
Cybersecurity Project experience
The candidate’s implementation log will be checked to ensure that the applicant has the minimal required number of implementation hours. The following implementation types constitute valid implementation experience: internal implementation, external/consulting implementation or partial implementation of Guidance on Project system. This information can be detailed in your resume.
Auditing of Certification Applications
PECB randomly audits applications to validate the candidate’s eligibility to certification. A candidate whose application is being audited will be notified in writing office and given a reasonable timeframe to provide any additional documentation if required. If a candidate does not respond by the deadline, or does not provide the required documentation within the given time frame, he or she may be declared ineligible.
Denial and Revocation of Certification
Certification will be denied or revoked for any of the following reasons:
- Falsification of application
- Violation of testing procedures
- Failure to pass the examination
- Denials or revocations of certification may be appealed to the Certification Board in writing.
Annual Renewal Certification Fee
To maintain your credentials active, there is an annual maintenance fee for each calendar year. Registrants who pay their annual maintenance fee will appear online in the PECB Directory of Certified Manager.
Maintain your Certification (Recertification)
The PECB designations are valid for three years. To maintain your certification, you must have accumulated the necessary 90 Continuing Professional Development credits (CPD) by the end of that three-year period and pay the recertification fee. CPD hours need to be inputted in your online PECB profile. PECB Certified Professionals who fail to provide the required CPD hours will have their PECB credentials revoked and will no longer be allowed to present themselves as certified PECB professionals.
Informations and registration:
Alexandra Niculae, Training Director ENVISO