Learning Objectives

Get to know methods and techniques to determine protection requirements of business processes and related supporting assets from business perspective. Experience best practice examples for BIA/RIA and discuss different approaches with experts. Learn about different risk aspects with regard to availability and the impact of preventive and reactive security measures.

Raise your knowledge about procedure, typical content and follow-up measures related to Business Continuity tests & exercises.

Target Audience

Person in charge for

• Information Security Management
• Business Continuity Management
• Information Security Risk Management
• IT Security Risk Management
• Process Management (core processes)
• (internal) auditing

Course Content

• Regulatory requirements
• Prerequisites for Business Continuity Management:
  • Organizational structure
  • Scope definition
• Business Impact Analysis (BIA):
  • Crucial business processes
  • Dependency of supporting assets
• Risk Impact Analysis (RIA):
  • Relevant threats and vulnerabilities
  • Likelihood and resulting risks
• Preventive actions:
  • Risk treatment plan
  • Selection of preventive measures
• Preparation activities:
  • Documentation and processes
  • Organizational framework conditions
  • Facilities and equipment for emergency / crisis reaction
• Exercise activities:
  • Functional tests
  • Plan discussions & reviews
  • Simulations / emergency drills
• Maintenance activities:
  • Review / lessons learned
  • Corrective actions & improvement

Prerequisites

Basic knowledge about Business Continuity Management (e.g. according to ISO 22301) and Information Security Management (e.g. according to ISO 27001).

Interested in this training?

Get in touch with us!