Module 1: Course Introduction
- 1.1 Let us get to know each other
- 1.2 Course learning objectives
- 1.6 Course book structure
- 1.7 RESILIA certification
Module 2: Risk Management
- 2.1 Distinguish between the terms: risk, asset, vulnerability, threat
- 2.2 Determine the actions needed to address risks and opportunities and explain their purpose
- 2.3 Create and manage a: a) Risk register; b) Risk treatment plan
Module 3: Cyber Resilience Strategy
- 3.1 Explain the purpose and use of the control objectives: a) Establish governance; b) Manage stakeholders; c) Identify and categorize stakeholders; d) Create and manage cyber resilience policies; e) Manage audit and compliance
- 3.2 Explain how ITSM processes and cyber resilience interact
Module 4: Cyber Resilience Design
- 4.1 Explain the purpose and use of the control objectives: a) Human resource security; b) System acquisition, development, architecture and design; c) Supplier and 3rd party security; d) Endpoint security; e) Cryptography; f) Business continuity
- 4.2 Explain how ITSM processes and cyber resilience interact
Module 5: Cyber Resilience Transition
- 5.1 Explain the purpose and use of the control objectives: a) Asset management and configuration management; b) Classification and handling; c) Data transportation and removable media; d) Change management; e) Testing; f) Training; g) Documentation management; h) Information retention; i) Information disposal
- 5.2 Explain how ITSM processes and cyber resilience interact
Module 6: Cyber Resilience Operation
- 6.1 Explain the purpose and use of the control objectives: a) Access control; b) Network security management; c) Physical security; d) Operations security; e) Incident management
- 6.2 Explain how ITSM processes and cyber resilience interact
Module 7: Cyber Resilience Continual Improvement
- 7.1 Explain the purpose and use of the control objectives: a) Audit and review; b) Control assessment; c) Key Performance Indicators; d) Business continuity improvements; e) Process improvements; f) Remediation and improvement planning
- 7.2 Apply the seven-step improvement process to plan cyber resilience improvements
- 7.3 Apply the ITIL CSI approach to cyber resilience
Module 8: Segregation of Duties and Dual Controls
- 8.1 Apply the concepts of segregation of duties and dual controls to an organizational context