RESILIA Cyber Resilience Foundation (RCRF)

AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect and correct any impact cyber-attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management and business. Active cyber resilience is achieved through people, process and technology.


Target Audience

IT Service Management, Business analysts, IT Architects, IT Project & Programme Management


Objectives

  • The purpose, benefits, and key terms of cyber resilience.
  • Risk management and the key activities needed to address risks and opportunities.
  • The purpose of a management system and how best practices and standards can contribute.
  • Cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities.
  • Cyber resilience design, the associated control objectives and their interactions with ITSM activities.
  • Cyber resilience transition, the associated control objectives, and their interactions with ITSM activities.
  • Cyber resilience operation, the associated control objectives, and their interactions with ITSM activities.
  • Cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities.
  • The purpose and benefits of segregation of duties and dual controls


Prerequisites

There are no prerequisites for this course.


Testing and Certification

  • Syllabus scope: understand and recognize RESILIA™: Cyber Resilience Best Practice
  • Bloom’s level: 1-2
  • Format: Multiple Choice
  • Number of questions: 50
  • Duration: 100 minutes
  • Exam Format: closed book exam
  • Exam is included in the course fee.
Show details


Course Content

Module 1: Intro to Cyber Resilience

  • Describe what cyber resilience is
  • Identify the benefits of cyber resilience
  • Identify the terms
  • Identify the purpose of balancing
  • Identify the need for:
  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Nonrepudiation


Module 2: Risk management

  • Describe what risk management is
  • Identify the purpose of risk management
  • Identify the terms: risk, asset, vulnerability, threat
  • Describe actions to address risks and opportunities:
  • Establish context
  • Establish criteria for risk assessment and acceptance
  • Risk identification
  • Risk analysis and evaluation
  • Risk treatment
  • Risk monitoring and review
  • Identify the terms:
  • Risk register
  • Risk avoidance
  • Risk modification
  • Risk sharing
  • Risk retention
  • Risk treatment plan
  • Defence-in-depth


Module 3: Managing Cyber Resilience

  • Identify the purpose and scope of a management system
  • Identify the components of a management system
  • Recognize the relevance of common management standards and best practice frameworks to cyber resilience
  • Describe the difference between management, governance, and compliance


Module 4: Cyber Resilience Strategy

  • Identify what cyber resilience strategy is intended to achieve
  • Identify cyber resilience activities that should be aligned with IT service strategy
  • Describe the purpose and key features of the control objectives
  • Identify interactions between the following ITSM processes and cyber resilience


Module 5: Cyber Resilience Design

  • Identify what cyber resilience design is intended to achieve
  • Identify cyber resilience activities that should be aligned with IT service design
  • Describe the purpose and key features of the control objectives
  • Identify interactions between the following ITSM processes and cyber resilience


Module 6: Cyber Resilience Transition

  • Identify what cyber resilience transition is intended to achieve
  • Describe the purpose and key features of the control objectives
  • Identify interactions between the following ITSM processes and cyber resilience


Module 7: Cyber Resilience Operation

  • Identify what cyber resilience operation is intended to achieve
  • Describe the purpose and key features of the control objectives
  • Identify interactions between the following ITSM processes and cyber resilience


Module 8: Cyber Resilience Continual Improvement

  • Identify what cyber resilience continual improvement is intended to achieve
  • Recognise maturity models and their purpose
  • Describe the purpose and key features of the control objectives
  • Describe how the seven-step improvement process can be used to plan cyber resilience improvements
  • Describe how to use ITIL CSI approach to plan cyber resilience improvements


Module 9: Cyber Resilience Roles & responsibilities

  • Describe segregation of duties and dual controls