• Classroom
  • Online, Instructor-Led
Course Description

This course focuses on preserving and recovering business operations in the event of outages, disasters or workforce interruptions. Measures and technologies used for forensics, as well as computer crime and security investigation, are addressed.

Learning Objectives

  • Understand rudimentary principles of risk assessment in order to identify and valuate the assets using qualitative and quantitative metrics. Understand how a disaster event is defined and quantified, and how Business Continuity Plans fit into the NIST SP800-34 Interrelationship of Emergency Action Plans framework.
  • Prioritize spending for mitigating risk of financial loss, data exposure, or downtime. Evaluate how information system assets relate to critical business functions through Business Impact Analysis. Explore the role of the BIA, how a BIA may be conducted, and how a BIA may be presented to senior management.
  • Learn prioritization methods and develop a response in the form of a Recovery Strategy consisting of pre-defined methods, responsibilities, procedures, and actions to mitigate the impact of business disruption.
  • Demonstrate the goals and objectives of a Disaster Recovery Plan to re-establish services and minimize the threat of exposure or loss based on NIST SP800-34. Learn industry best practices to maintain a DRP, and assess DRP performance using the following forms of tests: Structured Walk-Through, Checklist, Simulation, Parallel, and Full Interruption.
  • Understand NIST SP800-34 Technical Considerations concerning disaster recovery events, including data backup and retention, backup methodology and tertiary store definitions, fault tolerance methods (RAID), network redundancy, hot/warm/cold sites, load balancing, and consideration for redirected telephony circuits.
  • Demonstrate procedures for collecting, processing, and disseminating intelligence during a disaster, as codified in a Crisis Communication Plan. Understand issues surrounding intelligence control, chain of authority, media relationships, vendor relationships, and company spokespersons.
  • Explore the legal foundation that establishes data and electronic systems as private property. Understand procedures for responding to a cyber incident as codified by a Cyber Incident Response Plan.

Framework Connections