Overview:
RESILIA™ Practitioner is an additional two-day course which equips individuals with practical skills to achieve the best balance of risk, cost, operational benefits and flexibility within an organisation.
It covers all aspects of Cyber Resilience, beginning with creating and managing a risk treatment plan, and then moving onto creating a cyber resilience strategy. Then, it explains design and how ITSM processes and cyber resilience interact. The next module explores the operational aspect of cyber resilience before finishing with continual business improvements.
Target Audience:
The RESILIA™ Foundation course audience includes all teams across the IT and Risk functions.
Pre- requisites:
RESILIA™ Foundation / Module 1: Cyber Resilience Risk Management
Introduction to XYZ consulting and training case study
Distinguish between the terms: risk, asset, vulnerability, threat
Determine the actions needed to address risks and opportunities and explain their purpose –Establish context
-Establish criteria for risk assessment and acceptance
-Risk identification
-Risk analysis and evaluation
-Risk treatment
-Risk monitoring and review
Create and manage a risk register
Create and manage a risk treatment plan
Module 2: Cyber Resilience Strategy
Explain the purpose and use of the control objectives
– Establish governance
-Manage stakeholders
-Identify and categorise stakeholders
-Create and manage cyber resilience policies
-Manage audit and compliance
Explain how ITSM processes and cyber resilience interact
-Strategy management for IT Services
-Service portfolio management
-Financial Management for IT services
-Demand Management
-Business Relationship management
-Information risk management and risk treatment
Module 3: Cyber Resilience Design
Explain the purpose and key features of the control objectives:
-Human resource security
-System acquisition, development, architecture and design
-Supplier and 3rd party security
-Endpoint security
-Cryptography
-Business continuity
Explain how ITSM processes and cyber resilience interact: (knowledge of the underlying ITSM processes will not be examined)
-Design co-ordination
-Service catalogue management
-Service level management
-Availability management
-Capacity management
-IT Service continuity management / Module 4: Cyber Resilience Design
- Explain the purpose and use of the control objectives:
-Classification and handling
-Data transportation and removable media
-Change management
-Testing
-Training
-Documentation management
-Information retention
-Information
- Explain how ITSM processes and cyber resilience interact: (knowledge of the underlying ITSM processes will not be examined)
-Change management
-Service asset and configuration management
-Release and deployment management
-Service validation and testing
-Change evaluation
-Knowledge management
-Management of organisational change
Module 5: Cyber Resilience Operation
- Explain the purpose and use of the control objectives
-System acquisition, development, architecture and design
-Supplier and 3rd party security
-Endpoint security
-Cryptography
-Business continuity
- Explain how ITSM processes and cyber resilience interact: (knowledge of the underlying ITSM processes will not be examined)
-Incident management
-Request fulfilment
-Problem management
-Access management
-Service desk
-Technical management
-Application management
-IT Operations management
Module 6: Cyber Resilience Continual Improvement
- Explain the purpose and use of the control objectives
-Control assessment
-Key performance indicators
-Business continuity improvements
-Process improvements
-Remediation and improvement planning
Apply the seven-step improvement process to plan cyber resilience improvements
Apply the ITL CSI approach to cyber resilience
- Purpose and benefits of segregation of duties and dual controls
-Segregation of duties: development and operations
-Roles and responsibilities, and separation of controls
-What is meant by ‘dual control?’
-Segregation of duties and cyber resilience
RESILIATM is a trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.