About the course
About this Course
Cyber Resilience RESILIA from Axelos is the Cyber best practice, designed to help commercial and government organisations prevent, detect and address the impact that cyber-attacks have on the information required to do business.
The Cyber Resilience RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions and activities that should be aligned with corresponding IT Service Management activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities.
Target Audience:
The Cyber Resilience RESILIA Foundation course audience includes all teams across the IT, Security and Risk functions, including:
Business Analysis and Design
- Business analysts
- IT Architects
- Systems Development
IT Project & Programme Management
- Security, Risk and Compliance
- Information Security management
- Business Continuity managers
IT Service Management
- Operations and Incident management
- IT Change & Release management
- IT Supplier & Vendor management
What's Included
QA offers more benefits. Here is what's included with this course:
Exam(s) included
Prerequisites
We recommend that delegates have attended an ITIL foundation course prior to taking the Cyber Resilience RESILIA course. Note: This course is not designed for those that hold an ITIL expert or master qualification.
Delegates will learn how to
Individuals certified at Cyber Resilience RESILIA Foundation will demonstrate their knowledge of:
- The purpose, benefits, and key terms of cyber resilience.
- Risk management and the key activities needed to address risks and opportunities.
- The purpose of a security management system and how best practices and standards can contribute.
- Cyber resilience strategy, design, transition, operation and continual improvement with the associated control objectives, and their interactions with IT service management activities.
- The purpose and benefits of segregation of duties and dual controls.
Benefits
Participants to this course learn about the methods and use of preventative, detective, and corrective controls allowing them to recognize risks and to operate effectively in a challenging environment. The course provides insights into common security management standards and best practice security frameworks that would assist in making decisions to anticipate, counter and/or recover accordingly from cyber-attacks. Participants on completing this course would be better positioned in an organization to effectively govern, manage and comply with cyber resilience.
Outline
Module 1: Intro to Cyber Resilience
1.1 Describe what cyber resilience is
1.2 Identify the benefits of cyber resilience
1.3 Identify the terms
1.4 Identify the purpose of balancing
1.5 Identify the need for:
a) Confidentiality
b) Integrity
c) Availability
d) Authentication
e) Nonrepudiation
Module 2: Risk management
2.1 Describe what risk management is
2.2 Identify the purpose of risk management
2.3 Identify the terms: risk, asset, vulnerability, threat
2.4 Describe actions to address risks and opportunities:
a) Establish context
b) Establish criteria for risk assessment and acceptance
c) Risk identification
d) Risk analysis and evaluation
e) Risk treatment
f) Risk monitoring and review
2.5 Identify the terms:
a) Risk register
b) Risk avoidance
c) Risk modification
d) Risk sharing
e) Risk retention
f) Risk treatment plan
g) Defence-in-depth
Module 3: Managing Cyber Resilience
3.1 Identify the purpose and scope of a management system
3.2 Identify the components of a management system
3.3 Recognize the relevance of common management standards and best practice frameworks to cyber resilience
3.4 Describe the difference between management, governance, and compliance
Module 4: Cyber Resilience Strategy
4.1 Identify what cyber resilience strategy is intended to achieve
4.2 Identify cyber resilience activities that should be aligned with IT service strategy
4.3 Describe the purpose and key features of the control objectives
4.4 Identify interactions between the following IT service management processes and cyber resilience
Module 5: Cyber Resilience Design
5.1 Identify what cyber resilience design is intended to achieve
5.2 Identify cyber resilience activities that should be aligned with IT service design
5.3 Describe the purpose and key features of the control objectives
5.4 Identify interactions between the following IT service management processes and cyber resilience
Module 6: Cyber Resilience Transition
6.1 Identify what cyber resilience transition is intended to achieve
6.2 Describe the purpose and key features of the control objectives
6.3 Identify interactions between the following IT service management processes and cyber resilience
Module 7: Cyber Resilience Operation
7.1 Identify what cyber resilience operation is intended to achieve
7.2 Describe the purpose and key features of the control objectives
7.3 Identify interactions between the following IT service management processes and cyber resilience
Module 8: Cyber Resilience Continual Improvement
8.1 Identify what cyber resilience continual improvement is intended to achieve
8.2 Recognise maturity models and their purpose
8.3 Describe the purpose and key features of the control objectives
8.4 Describe how the seven-step improvement process can be used to plan cyber resilience improvements
8.5 Describe how to use ITIL CSI approach to plan cyber resilience improvements
Module 9: Cyber Resilience Roles & responsibilities
9.1 Describe segregation of duties and dual controls
Examinations
- Syllabus scope: understand and recognize RESILIA™: Cyber Resilience Best Practice
- Bloom's level: 1-2
- Format: Multiple Choice
- Number of questions: 50
- Duration: 100 minutes
- Exam Format: closed book exam
Follow-on Courses:
-
Cyber Resilience RESILIA Practitioner Course.