-
Course Overview
RESILIA: Cyber Resilience Best Practice is designed to help commercial and government organisations around the world prevent, detect and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management and business. Active cyber resilience is achieved through people, process and technology.
The RESILIA Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities.
About the Course
After successfully completing the RESILIA Foundation course, you will have demonstrated their knowledge of:
- The purpose, benefits, and key terms of cyber resilience.
- The purpose of risk management and the key activities needed to address risks and opportunities.
- The purpose of a management system and how best practices and standards can contribute.
- The purpose of cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities.
- The purpose of cyber resilience design, the associated control objectives and their interactions with ITSM activities.
- The purpose of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities.
- The purpose of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities.
- The purpose of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities.
- The purpose and benefits of segregation of duties and dual controls.
Who Should Attend
The RESILIA Foundation certification is aimed at:
- IT and security functions Risk and compliance functions Core business functions including HR, Finance, Procurement, Operations and Marketing.
- The awareness learning is for the entire organisation.
- The leadership engagement delivers specialised training and learning for the leaders within an organisation
Materials Provided
You will receive a copy of the classroom presentation material and Cyber Resilience Best Practices handbook.
-
Course Dates
-
Course Description
Course Outline
Module 1: Intro to Cyber Resilience
- Describe what cyber resilience is
- Identify the benefits of cyber resilience
- Identify the terms
- Identify the purpose of balancing
- Identify the need for:
- Confidentiality
- Integrity
- Availability
- Authentication
- Nonrepudiation
Module 2: Risk management
- Describe what risk management is
- Identify the purpose of risk management
- Identify the terms: risk, asset, vulnerability, threat
- Describe actions to address risks and opportunities:
- Establish context
- Establish criteria for risk assessment and acceptance
- Risk identification
- Risk analysis and evaluation
- Risk treatment
- Risk monitoring and review
- Identify the terms:
- Risk register
- Risk avoidance
- Risk modification
- Risk sharing
- Risk retention
- Risk treatment plan
- Defence-in-depth
Module 3: Managing Cyber Resilience
- Identify the purpose and scope of a management system
- Identify the components of a management system
- Recognise the relevance of common management standards and best practice frameworks to cyber resilience
- Describe the difference between management, governance, and compliance
Module 4: Cyber Resilience Strategy
- Identify what cyber resilience strategy is intended to achieve
- Identify cyber resilience activities that should be aligned with IT service strategy
- Describe the purpose and key features of the control objectives
- Identify interactions between the following ITSM processes and cyber resilience
Module 5: Cyber Resilience Design
- Identify what cyber resilience design is intended to achieve
- Identify cyber resilience activities that should be aligned with IT service design
- Describe the purpose and key features of the control objectives
- Identify interactions between the following ITSM processes and cyber resilience
Module 6: Cyber Resilience Transition
- Identify what cyber resilience transition is intended to achieve
- Describe the purpose and key features of the control objectives
- Identify interactions between the following ITSM processes and cyber resilience
Module 7: Cyber Resilience Operation
- Identify what cyber resilience operation is intended to achieve
- Describe the purpose and key features of the control objectives
- Identify interactions between the following ITSM processes and cyber resilience
Module 8: Cyber Resilience Continual Improvement
- Identify what cyber resilience continual improvement is intended to achieve
- Recognise maturity models and their purpose
- Describe the purpose and key features of the control objectives
- Describe how the seven-step improvement process can be used to plan cyber resilience improvements 8.5 Describe how to use ITIL CSI approach to plan cyber resilience improvements
Module 9: Cyber Resilience Roles & Responsibilities
- Describe segregation of duties and dual controls