Cyber Resilience RESILIA Foundation (CRRF) – Outline

Detailed Course Outline

Module 1: Intro to Cyber Resilience

  • 1.1 Describe what cyber resilience is
  • 1.2 Identify the benefits of cyber resilience
  • 1.3 Identify the terms
  • 1.4 Identify the purpose of balancing
  • 1.5 Identify the need for:
    • a) Confidentiality
    • b) Integrity
    • c) Availability
    • d) Authentication
    • e) Nonrepudiation

Module 2: Risk Management

  • 2.1 Describe what risk management is
  • 2.2 Identify the purpose of risk management
  • 2.3 Identify the terms: risk, asset, vulnerability, threat
  • 2.4 Describe actions to address risks and opportunities:
    • a) Establish context
    • b) Establish criteria for risk assessment and acceptance
    • c) Risk identification
    • d) Risk analysis and evaluation
    • e) Risk treatment
    • f) Risk monitoring and review
  • 2.5 Identify the terms:
    • a) Risk register
    • b) Risk avoidance
    • c) Risk modification
    • d) Risk sharing
    • e) Risk retention
    • f) Risk treatment plan
    • g) Defence-in-depth

Module 3: Managing Cyber Resilience

  • 3.1 Identify the purpose and scope of a management system
  • 3.2 Identify the components of a management system
  • 3.3 Recognize the relevance of common management standards and best practice frameworks to cyber resilience
  • 3.4 Describe the difference between management, governance, and compliance

Module 4: Cyber Resilience Strategy

  • 4.1 Identify what cyber resilience strategy is intended to achieve
  • 4.2 Identify cyber resilience activities that should be aligned with IT service strategy
  • 4.3 Describe the purpose and key features of the control objectives
  • 4.4 Identify interactions between the following IT service management processes and cyber resilience

Module 5: Cyber Resilience Design

  • 5.1 Identify what cyber resilience design is intended to achieve
  • 5.2 Identify cyber resilience activities that should be aligned with IT service design
  • 5.3 Describe the purpose and key features of the control objectives
  • 5.4 Identify interactions between the following IT service management processes and cyber resilience

Module 6: Cyber Resilience Transition

  • 6.1 Identify what cyber resilience transition is intended to achieve
  • 6.2 Describe the purpose and key features of the control objectives
  • 6.3 Identify interactions between the following IT service management processes and cyber resilience

Module 7: Cyber Resilience Operation

  • 7.1 Identify what cyber resilience operation is intended to achieve
  • 7.2 Describe the purpose and key features of the control objectives
  • 7.3 Identify interactions between the following IT service management processes and cyber resilience

Module 8: Cyber Resilience Continual Improvement

  • 8.1 Identify what cyber resilience continual improvement is intended to achieve
  • 8.2 Recognise maturity models and their purpose
  • 8.3 Describe the purpose and key features of the control objectives
  • 8.4 Describe how the seven-step improvement process can be used to plan cyber resilience improvements
  • 8.5 Describe how to use the ITIL CSI approach to plan cyber resilience improvements

Module 9: Cyber Resilience Roles & Responsibilities

  • 9.1 Describe segregation of duties and dual controls

Examinations

  • Syllabus scope: understand and recognize RESILIA™: Cyber Resilience Best Practice
  • Bloom's level: 1-2
  • Format: Multiple Choice
  • Number of questions: 50
  • Duration: 100 minutes
  • Exam Format: closed book exam
  • Proctoring: Live or Web-proctored

Follow-on Courses:

Cyber Resilience RESILIA Practitioner Course.