ISO/IEC 27400 Lead Manager
Build the skill to establish, implement, manage and improve IoT security and privacy aligned with ISO/IEC 27400, addressing the key security and privacy risks of Internet of Things environments.
Who is this course for?
- Managers and consultants responsible for IoT security and privacy
- IT/OT and product security professionals
- Risk and compliance managers in connected environments
- Professionals building an IoT security specialisation
What you'll gain
- The PECB Certified ISO/IEC 27400 Lead Manager credential, recognised internationally
- The ability to establish and manage an IoT security and privacy program
- Command of IoT security and privacy risks and controls
- A specialised profile in a fast-growing IoT security market
Course programme
Day 1 · Foundational concepts and introduction to ISO/IEC 27400
- IoT concepts, stakeholders and threat landscape
- The ISO/IEC 27400 framework
- Context of the organisation and program scope
Day 2 · Planning IoT security and privacy
- Leadership, policy and objectives
- IoT security and privacy risk assessment
- Risk treatment and applicable controls
Day 3 · Implementing IoT security and privacy controls
- IoT security controls
- IoT privacy controls
- Supplier and lifecycle management
Day 4 · Operation, monitoring and improvement
- Monitoring, measurement and performance
- Incident management
- Continual improvement of the program
Day 5 · Certification exam
- Review and mock exam
- Official "PECB Certified ISO/IEC 27400 Lead Manager" exam (3 hours)
Exam, credits & certification
Once you pass the exam, you can apply for the "PECB Certified ISO/IEC 27400 Lead Manager" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing first time is no longer a source of pressure. CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.
Your trainer

Ricardo Coronel Lemus
More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. I don't approach these standards theoretically: I apply them day to day with real clients: that's what I bring to the coaching and exam preparation I offer.
Frequently asked questions
Do I need any prerequisites?
What language is the exam in?
What is the difference between Self-Study and Self-Study + Coaching?
What if I don't pass the exam?
Is it useful for OT/IoT security and NIS2?
Ready to get certified in IoT security and privacy?
Choose your option above and enrol online. A question or need some advice? Write to me or book a call.