Oct 03, 2019 CERT.Global

ICT Business Continuity and Disaster Recovery Professional Training Course

Understand how to apply business continuity risk management principles (ISO 22301) on the organization's ICT business continuity and disaster recovery management.

Introduction 

The business continuity management system provided by ISO 22301 is the foundation of the "business continuity risk management approach" for ALL types of organization. In addition, ISO/IEC 27031 provides more detailed guidelines for ICT business continuity. This course adapts the approaches from ISO 22301 and integrates the ICT business continuity and disaster recovery guidelines from ISO/IEC 27031.

To participate in this training course, the following prior knowledge is expected:

  1. Understand the concept of management systems in accordance with ISO 19600
    • Management system process (PDCA, Plan-Do-Check-Act)
    • Understand the Organisation 
    • Leadership and commitment
    • Planning and risk management system requirements
    • Supporting the management system
    • Operating the management system 
    • Performance evaluation 
    • Continual improvement 
  2. Knowledge of business continuity management principles and concepts, including but not limited to:
    • The purpose and benefits of a business impact analysis (BIA)
    • The principles of risk assessment and analysis
    • Typical business continuity strategies
    • Business continuity response options
    • Recovery procedures 
    • BCMS performance metrics, monitoring and performance measurement
    • BCP exercise and testing methodologies
  3. Knowledge of information security management principles and concepts, including but not limited to:
    • awareness of the need for information security;
    • the assignment of responsibility for information security;
    • incorporating management commitment and the interests of stakeholders;
    • enhancing societal values;
    • using the results of risk assessments to determine appropriate controls to reach acceptable levels of risk;
    • incorporating security as an essential element of information networks and systems;
    • the active prevention and detection of information security incidents;
    • ensuring a comprehensive approach to information security management;
    • continual reassessment of information security and making of modifications as appropriate.

Who should attend?

This course is intended for those who will be involved in ICT business continuity risk management in any organization. Suggested job functions and their teams include:

  • Anyone involved in management system activities
  • ICT risk management and legal compliance 
  • Corporate governance and top management
  • Consultant and Auditor
  • Management system representative

Learning objectives

  • Learn the main components of a BCMS, particularly the ICT business continuity risk and disaster recovery management requirements
  • Understand the business continuity risk management framework and processes in accordance with ISO 22301

Course benefits

  • Improve the competence of business continuity risk management
  • Understand the gap between existing risk management and best practice according to ISO 22301 and ISO/IEC 27031

Course outline

Day 1, Business Continuity Management Framework  

  • Process approach, Plan-Do-Check-Act (PDCA) and BCMS key components 
    • Overview BCMS implementation process 
    • Documented information for BCMS
    • Challenges of Business Continuity Planning
  • Business continuity risk and disaster recovery management approach in ICT
    • Understand the Organisation
    • Requirements and expectation of interested parties
    • Other requirements and criteria, i.e. legal, legislation, contractual obligation, standards, policy and procedures 
  • Risk assessment (RA)
    • Identify the risk 
    • Analysis of the risk 
    • Evaluate the risk
  • Business impact analysis (BIA) 

Day 2, ICT business continuity and recovery strategy and implementation

  • ICT business continuity options and recovery implementation strategies on
    • Personnel competence - Skills and Knowledge
    • Facilities
    • Technology 
    • Data 
    • Supplier
    • ICT service monitoring criteria

Day 3, ICT business continuity and recovery planning

  • Incident response and management framework
  • Recovery plan - Human resources and competence
  • Recovery plan - Facility and Utility
  • Recovery plan - Communication and Networking
  • Recovery plan - IT system and data

Day 4, IRBC plan testing and exercises

  • Test and exercise planning
  • Incident response exercise 
  • Recovery plan(s) exercise
  • IRBC performance evaluation
  • Course summary / Q&A / Course exam

What's included?

  • Course material and media 
  • Course examination 
  • Course certificate

Organizational information

  • Delegates should note that there is evening work during the course
  • The minimum number of delegates for this course is 4 and the maximum is 20. If there are fewer than 4 students, the course will be postponed.
  • The training organizer shall ensure and provide all students with high-speed Internet access to TKSG.Global from the training venue. 
  • This course is facilitated by the TKSG.Global online learning management system (LMS). Participants should be able to use their own PC, laptop, notebook or suitable mobile device to access the LMS.

Additional Info

Venue: Public or In-house training
Course time: 4 days (32 hours), 09:00 ~ 17:00
Facilitator: Authorized tutor

Related items

Business Continuity Management Systems (BCMS, ISO 22301:2012) Internal Auditor Training Course

Through management system auditing and certification, the organization can demonstrate its compliance with legal and legislative requirements (e.g. Emergency, Transportation, Financial, Utility service availability regulations), standards (e.g. ISO, IEC, IEEE), contractual obligations (e.g. 7x24 services, Supply Chain Continuity), and policies and procedures.

It can also demonstrate the competence to plan, operate and continually improve the management system to control risks and achieve its expected outcomes.

Oct 03, 2019
Information Security Management Systems (ISMS, ISO/IEC 27001:2013) Foundation Training Course

Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipment, people, communication, networking, system, and application.

Oct 03, 2019
Information Security Management Systems (ISMS, ISO/IEC 27001:2013) Implementer Training Course

Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipment, people, communication, networking, system, and application.

Oct 03, 2019
Information Security Management Systems (ISMS, ISO/IEC 27001:2013) Internal Auditor Training Course

To comply with ISO/IEC 27001, the organisation shall demonstrate its capability to conduct an effective internal audit, to ensure the management system fulfills legal (e.g. EU GDPR, DPA, IPRs), legislative, standards (e.g. ISO, IEC, IEEE), contractual (e.g. Trade Secret, IP), and policy and procedure requirements.

It shall also demonstrate the competence to plan, operate and continually improve the management system to control risks and achieve its expected outcomes.

Oct 03, 2019
Information Security Management Systems (ISMS, ISO/IEC 27001:2013) Lead Implementer Training Course

Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipment, people, communication, networking, system, and application.

Oct 03, 2019
Intelligent Network Malicious Attack Detection Service: CyberSecurity (ISO/IEC 27032) and Malicious Threat Detection Services

Helps enterprises detect malicious attacks and suspicious internal data-leak behaviour in real time, and prevents malware from collecting data and sending it out.

Oct 03, 2019
Risk Management (ISO 31000) on Information Security Management Training Course

Understand how to apply risk management principles (ISO 31000) to the organization's information security management.

Oct 03, 2019
Information Security Management Systems (ISMS, ISO/IEC 27001:2013) Auditor/Lead Auditor Training Course

(Registered Course Nr. PR320 / A17533)

Through management system audit and certification, the organization can demonstrate its compliance with legal (e.g. EU GDPR, DPA, IPRs), legislative, standards (e.g. ISO, IEC, IEEE), contractual (e.g. Trade Secret, IP), and policy and procedure requirements.

It can also demonstrate the competence to plan, operate and continually improve the management system to control risks and achieve its expected outcomes.

Oct 03, 2019