DRI Ethiopia

DRI Ethiopia Training & Certefications
Business Continuity ,Disaster Recovery & Enterprise Risk Management

23/06/2024

Training & Certefications
Business Continuity ,Disaster Recovery & Enterprise Risk Management

International Courses & Certefications Cyber Resilience (CRLE 2000)Track: Cyber ResilienceCourse Title: Cyber Resilience...
01/06/2024

International Courses & Certefications

Cyber Resilience (CRLE 2000)

Track: Cyber Resilience

Course Title: Cyber Resilience

Course ID: CRLE 2000

Relevant Certifications (requires additional step): ACRP, CCRP

Duration: 4 Days (4 full days of instruction 8:30 a.m. – 5:00 p.m.; Examination online at your leisure) 32 Continuing Education Activity Points (CEAPs) may be awarded towards recertification.

Examination: Cyber Resilience Examination

Description
Cyberattacks are causing increased losses and significant delays in the recovery of mission-critical business functions. A cyber resilience practice can enhance overall resilience and mitigate losses caused by such attacks. That’s why this course is an absolute must. Cyber Resilience is an information-packed, four-day experience that will provide a holistic perspective and understanding of how the entire organization should prepare for, respond to, and recover from cyberattacks.

Through this course, you’ll discover how business continuity, cybersecurity, and mission-critical functions must integrate within every organization, using the five elements of cyber resilience:

prepare/identify, protect, detect, respond, and recover. Collectively, these concepts and the resulting action plans will help you develop a strategy to effectively respond to unforeseen events and get your organization back up and running as quickly as possible.

Collaboration is essential for a prompt, effective, and efficient response, and with this course, you’ll learn how to make that happen in your organization. Doing so will result in well-coordinated preparation, response, and recovery to cyberattacks and data breaches. As a cyber resilience professional, you’ll not only be giving your organization an advantage against cyberattacks, but you’ll also be giving yourself the professional advantage, bringing the most current information and skillsets to the table.



Objective
1. Provide students with detailed instruction, case studies, examples, frameworks, and guidance for implementing the concepts essential to combining cyber security and business continuity into an effective Cyber Resilience program.



2. Prepare students with, activities, exercises, and actionable recommendations to represent an appropriate “value proposition” to an organization’s executive management that will help to ensure any investment necessary to step up to a strong Cyber Resilience program.

3. Have students engage in cyber, response, and recovery exercises to help understand the issues t they will face.

4. Share experiences with other professionals.

5. Prepare to pass the Cyber Resilience Examination, so students can take next steps toward being certified as a DRI International Certified Cyber Resilience Professional.



Outline
DAY 1

• Stepping up from cybersecurity into cyber resilience

• Types of recent cyber threats and cyberattacks

• The cause-and-effect relationship and how cybersecurity affects business continuity

• NIST, the cybersecurity framework

• The CIA triad and cyber resilience

• The problem, the challenge, and the approach

DAY 2

• The value of cyber resilience

• Achieving cyber resilience with cultural change

• Cyber resilience minimum requirements

• The powerful business impact analysis aligned with cybersecurity

• Integrating cybersecurity and business continuity

• Cyber insurance

• Cybersecurity framework and regulations

DAY 3

• Cyber resilience planning

• Adapting the cybersecurity framework

• Creating effective o Preparation and identification plans o Protection and detection plans o Response and recovery plans

• Effective collaboration between cyber incident response and business recovery of operations







DAY 4

• Describe the importance of regular cyber awareness training

• Understand how cybersecurity and business continuity both work with reputation management

• Maintaining your plans

• Creating effective crisis communication plans for cyber incidents

• Discuss how training and awareness initiatives should be employed to embed cyber resilience within the entire organization and ensure that personnel are ready to respond and recover • Cyberattack tabletop





For in-person courses:

This course will be held in-person and the exam will be online, at-leisure. A computer is required for this course in order for you to take the exam. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course.

For courses held online:

All online courses are held via Zoom and a computer is required for this course. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course. You will also be provided with instructions for how to take the exam online, at- leisure following the course.

For international courses:

This course is being hosted by a DRI International partner. To register, you will be asked to provide your contact information and we will put you in touch with the local team for details.

For courses held pre-conference:

This course is being held in-person prior to the DRI Annual Conference at or near the conference venue. You can attend the conference immediately following the course with an additional registration (separate fee applies).

International Courses & Certefications Track: Risk ManagementCourse Title: Risk Management for Business ContinuityCourse...
01/06/2024

International Courses & Certefications

Track: Risk Management

Course Title: Risk Management for Business Continuity

Course ID: RMLE 2000

Duration: 4 Days (4 full days of instruction 8:30 a.m. – 5:00 p.m.; Examination online at your leisure)

32 Continuing Education Activity Points (CEAPs) may be awarded towards recertification if applicable

Examination: Risk Management Examination

Description
Risk Management is a top priority in all sectors, from supply chain to cyber security. As a professional in this field, you have to be at the top of your game, to truly identify the threats your organization faces and how to protect against them. You need to be able to perform risk assessments, reduce organizational vulnerabilities, select cost effective risk controls, and obtain buy in from upper management. Risk Management Continuity (RMLE 2000) focuses on teaching those skills and many more. Developed and taught by experienced instructors, this course combines theory with real world practices to give you in depth instruction and tools you can put to use in creating a robust Risk

Management program. The course is designed to give students the tools they need to pass the Risk Management Examination and continue on the path toward becoming a DRI Certified Risk Management Professional (CRMP) or Associate Risk Management Professional (ARMP).

Objectives
1. Provide students with detailed instruction and tools for implementing DRI business continuity management risk evaluation and control

2. Delineate the skills, knowledge and procedures business continuity professionals need to develop and manage a Business Continuity Risk Management program

3. Prepare to pass the Risk Management Examination with a minimum passing grade of 75%

Outline
Lesson 1: Risk Terminology and Framework

• Learn risk management court rulings and success factors

• Explore the framework for risk management roles and responsibilities

• Learn risk analysis and communication

• Learn how to establish risk tolerance levels and measures

• Learn how to establish resource requirements

Lesson 2: Risk Models and Processes

• Explore qualitative and quantitative methods

• Learn risk identification

• Learn asset impact analysis

Lesson 3: Threat Analysis

• Learn how to conduct a vulnerability analysis

• Explore the use of risk identification metrics

Lesson 4: Monitoring and Reporting

• Explore risk aggregation concepts, the annualized loss expectancy (ALE) formula and the DRI Risk Management Toolbox

• Participate in a comprehensive review for the Risk Management Examination



For in-person courses:

This course will be held in-person and the exam will be online, at leisure. A computer is required for this course in order for you to take the exam. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course.

For courses held online:

All online courses are held via Zoom and a computer is required for this course. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course. You will also be provided with instructions for how to take the exam online, at leisure following the course.

For international courses:

This course is being hosted by a DRI International partner. To register, you will be asked to provide your contact information and we will put you in touch with the local team for details.

For courses held pre-conference:

This course is being held in-person prior to the DRI Annual Conference at or near the conference venue. You can then attend the conference immediately following your course with an additional registration (separate fee applies).

Career Track:

Educate. Certify. Connect.

Business Continuity (BCLE 2000)Track: Business Continuity Course Title: Business Continuity Course ID: BCLE 2000 Relevan...
28/05/2024

Business Continuity (BCLE 2000)

Track: Business Continuity Course Title: Business Continuity Course ID: BCLE 2000 Relevant Certifications (requires additional step): ABCP, CBCP, CBCV, CFCP
Duration: 4 Days (4 full days of instruction 8:30 a.m. – 5:00 p.m.; Examination online at your leisure)

32 Continuing Education Activity Points (CEAPs) may be awarded towards recertification Examination: Qualifying Examination

The cost of this course includes both the course and the exam.

Cost: $2,850.00



Description
DRI’s seminal course, Business Continuity (BCLE 2000), enables you to build a business continuity program based on the most up-to-the-minute information and the most utilized and time tested standard in the field because the DRI International Professional Practices for Business Continuity Management are just that. Long the leading standard in our profession by a mile, the Professional Practices are the foundation upon which this four-day, in-depth, hands-on course is built.

Instruction includes all ten Professional Practices detailed below, including new and expanded coverage of cloud computing, cyber threats, supply chain, risk transfer, insurance considerations, legal and regulatory requirements, and manufacturing processes, as well as more traditional topics such as evaluating risks, gaining leadership buy-in, crisis communications, and program audit. An experienced instructor using real world examples and interactive workshop exercises will walk you through the key elements of business continuity management, making this the perfect course for those who are relatively new to the profession and want a thorough, leave no stone unturned educational experience.

The participatory nature of the course immerses you in the learning process, enables you to learn by doing, and ensures that you leave having outlined a firm foundation for your program that is specific to your entity. Additionally, the course as well as the supporting material provided to every student is designed to give you all the tools you need to pass the Qualifying Examination and continue on the path toward becoming a DRI Certified Business Continuity Professional (CBCP), Associate Business Continuity Professional (ABCP), Master Business Continuity Professional (MBCP), Certified Functional Continuity Professional (CFCP), or Certified Business Continuity Vendor (CBCV).

Objectives
1. Review the Professional Practices for Business Continuity Management body of knowledge designed to assist in the development, implementation, and maintenance of business continuity programs.

2. Highlight the terms and methodologies presented in The International Glossary for Resilience and the Professional Practices.

3. Prepare you for the Qualifying Examination.

Outline
Lesson 1: Program Management
• Establish the need for a business continuity program.

• Obtain support and funding for the business continuity program.

• Build the organizational framework to support the business continuity program.

• Introduce key concepts, such as program management, risk awareness, identification of critical functions/processes, recovery strategies, training and awareness, and exercising/testing.

• Class Exercise: Learn about practical application by developing a presentation for leadership on the importance of business continuity, relevant legal and regulatory requirements, project resource requirements, and a project plan overview with well defined deliverables.

Lesson 2: Risk Assessment
• Identify risks that can adversely affect an entity’s resources or image.

• Assess risks to determine the potential impacts to the entity, enabling the entity to determine the most effective use of resources to reduce these potential impacts.

• Class Exercise: Develop a presentation for leadership identifying three significant threats, determining what controls are currently in place for these threats, and your recommendations to improve current controls or implement new controls for each threat; develop an outline for a risk assessment report.

Lesson 3: Business Impact Analysis
• Identify and prioritize the entity’s functions and processes in order to ascertain which ones will have the greatest impact should they not be available.

• Assess the resources required to support the business impact analysis process.

• Analyze the findings to ascertain any gaps between the entity’s requirements and its ability to deliver those requirements.

• Class Exercise: Develop a prioritized list of business functions and processes, the criticality category of each business function and process, and their RTOs.

Lesson 4: Business Continuity Strategies
• Select cost-effective strategies to reduce deficiencies as identified during the risk assessment and business impact analysis processes.

• Workshop Exercise: Build on previous exercises to identify continuity/recovery strategies, including a brief description, the advantages and disadvantages, and a cost estimate of each strategy. Discuss how you would present recommendations for leadership approval.

Lesson 5: Incident Preparedness and Response
• Develop and assist with the implementation of an incident management system that defines organizational roles, lines of authority and succession of authority.

• Define requirements to develop and implement the entity’s incident response plan. Ensure that incident response is coordinated with outside organizations in a timely and effective manner when appropriate.

• Class Exercise: Identify the actions needed to be performed to respond to events, list any special training needed, determine type of plan needed, and list recommendations needed for incident response.

Lesson 6: Plan Development and Implementation
• Document plans to be used during an incident that will enable the entity to continue to function.

• Class Exercise: Identify the type of business continuity plan needed by your entity, develop the plan’s scope, objectives and assumptions, and outline basic information about the plan and how it relates to the business continuity program.

Lesson 7: Awareness and Training Programs
• Establish and maintain training and awareness programs that result in personnel being able to respond to incidents in a calm and efficient manner.

• Class Exercise: Develop a floor warden training program that includes vital training subjects, frequency, selection process, and other emergency response recommendations.

Lesson 8: Business Continuity Plan Exercise/Test, Audit, and Maintenance
• Establish an exercise, assessment and maintenance program to maintain a state of readiness.

• Class Exercise: Develop an exercise/test scenario relevant for your entity, assess the resources needed, what will be exercised/tested, and write the steps to follow.

Lesson 9: Crisis Communications
• Provide a framework for developing a crisis communications plan.

• Ensure that the crisis communications plan will provide for timely, effective communication with internal and external parties.

• Class Exercise: Determine whether an event is a potential crisis, the nature of the crisis, the interested parties, the spokesperson(s), and the key message.

Lesson 10: Coordination with External Agencies and Resources

• Establish policies and procedures to coordinate incident response activities with public entities.

Lesson 11: Qualifying Examination Review
• Review the important concepts from each of the earlier lessons.

• Prepare for the Qualifying Examination through a review of the practice exam questions.



For in-person courses:

This course will be held in-person and the exam will be online, at leisure. A computer is required for this course in order for you to take the exam. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course.

For courses held online:

All online courses are held via Zoom and a computer is required for this course. The system requirements will be sent to you via email together with information about how to access the course materials prior to the start of the course. You will also be provided with instructions for how to take the exam online, at leisure following the course.

For international courses:

This course is being hosted by a DRI International partner. To register, you will be asked to provide your contact information and we will put you in touch with the local team for details.

For courses held pre-conference:

This course is being held in-person prior to the DRI Annual Conference at or near the conference venue. You can then attend the conference immediately following your course with an additional registration (separate fee applies).

Whatsapp +251911508734

Business continuity and Business Resilience:**Business Continuity**:- Business continuity focuses on maintaining critica...
28/05/2024

Business continuity and Business Resilience:

**Business Continuity**:

- Business continuity focuses on maintaining critical business operations and functions during and after a disruptive event.
- The goal is to ensure that an organization can continue to operate, or quickly resume operations, in the face of a crisis or disaster.
- Business continuity planning involves identifying potential threats, assessing risks, and developing strategies to mitigate those risks.
- Key elements include backup systems, disaster recovery plans, emergency response procedures, and supply chain management.
- The focus is on restoring critical processes and returning to a "business as usual" state as soon as possible.

**Business Resilience**:

- Business resilience is a broader concept that encompasses business continuity, but also focuses on an organization's ability to adapt and thrive in the face of change and disruption.
- Resilient organizations are not just able to bounce back, but also to learn, innovate, and grow from challenges.
- Resilience involves building organizational capabilities, such as agility, flexibility, and the ability to anticipate and respond to changes in the business environment.
- Key aspects include strong leadership, a resilient culture, effective risk management, and the ability to leverage technology and data to support decision-making.
- The goal is not just to maintain operations, but to emerge from disruptions stronger and better able to compete in the marketplace.

In summary, while business continuity focuses on maintaining critical functions during a crisis, business resilience is a more comprehensive approach that enables an organization to adapt, evolve, and thrive in the face of both expected and unexpected challenges. Resilient organizations are better equipped to navigate uncertainty and capitalize on new opportunities that arise from disruptive events.

Business Continuity Vs Disaster Recovery:**Business Continuity**:Business continuity is the process of ensuring that an ...
28/05/2024

Business Continuity Vs Disaster Recovery:

**Business Continuity**:

Business continuity is the process of ensuring that an organization's critical business functions can continue to operate during and after a disruptive event. The goal of business continuity is to minimize the impact of an incident on the organization's operations and ensure that essential services and products can still be delivered to customers.

Key aspects of business continuity include:

- Identifying critical business functions and processes
- Assessing potential risks and threats
- Developing plans and strategies to maintain operations
- Establishing backup and redundancy measures
- Implementing employee training and awareness programs
- Regularly testing and updating the business continuity plan

Business continuity planning helps organizations prepare for and respond to a wide range of potential disruptions, such as natural disasters, cyber attacks, power outages, or supply chain issues.

**Disaster Recovery**:

Disaster recovery, on the other hand, is a subset of business continuity and focuses specifically on the restoration and recovery of an organization's information technology (IT) systems and data after a disruptive event.

Disaster recovery planning includes:
- Identifying critical IT systems and data
- Establishing backup and recovery procedures
- Implementing redundant infrastructure and failover mechanisms
- Developing recovery time objectives (RTOs) and recovery point objectives (RPOs)
- Testing and updating the disaster recovery plan

The primary goal of disaster recovery is to ensure that an organization can quickly restore its IT systems and data, and resume critical business operations in the event of a disaster, such as a data center failure, ransomware attack, or natural disaster.

In summary, while business continuity focuses on maintaining overall business operations, disaster recovery is concerned with the restoration and recovery of an organization's technology infrastructure and data after a disruptive event.

Training & International Certefications:▪︎ Business Continuity Management ▪︎Disaster Recovery Management ▪︎ Enterprise R...
17/03/2024

Training & International Certefications:
▪︎ Business Continuity Management
▪︎Disaster Recovery Management
▪︎ Enterprise Risk Management
▪︎Cyber Resilience

25/02/2024

Recovery time requirements (RTR): Recovery time requirements (RTR) are an important aspect of system design and planning...
25/01/2024

Recovery time requirements (RTR):

Recovery time requirements (RTR) are an important aspect of system design and planning, particularly in the context of disaster recovery and business continuity.

1. Systems/Services: Identify the specific systems or services that are critical to the organization's operations. This may include the main IT infrastructure, databases, applications, communication networks, and other key components.

2. Recovery Time Objective (RTO): The RTO is the target time within which a system or service must be restored after an incident. It is typically expressed as a specific duration, such as four hours or one day. The RTO helps determine the level of urgency and resources required for recovery.

3. Critical Components: Identify the critical components within the systems or services that must be restored to achieve full functionality. This could include servers, storage devices, network equipment, software applications, and databases.

4. Dependencies: Identify the dependencies between different components and systems. Understanding these dependencies is crucial for determining the sequence and timing of recovery actions. For example, an application may rely on a specific database, which in turn relies on the availability of a particular server.

5. Failover and Redundancy: Determine if failover mechanisms or redundant systems are in place to minimize downtime. Failover refers to the automated process of switching to a backup system when the primary system fails. Redundancy involves having duplicate hardware, software, or infrastructure to ensure availability.

6. Testing and Validation: Regularly test the recovery procedures to ensure they are effective and meet the defined recovery time requirements. This can involve conducting mock disaster scenarios, simulating failures, and measuring the actual recovery time.

7. Disaster Scenarios: Consider different scenarios that could potentially disrupt the systems or services, such as hardware failures, software bugs, natural disasters, cyber-attacks, or power outages. Each scenario may have different recovery time requirements based on its severity and impact.

8. Recovery Strategies: Define the strategies and approaches for recovery based on the identified scenarios. This might involve procedures for data backup and restoration, system reconfiguration, hardware replacement, or alternative workarounds.

9. Communication and Notification: Establish clear communication channels and protocols for notifying stakeholders, such as employees, customers, and partners, about the incident and recovery progress.

10. Post-Recovery Activities: Consider the activities that need to be performed after the system or service has been restored to ensure its stability, integrity, and ongoing functionality.

Disaster Time Line:
21/01/2024

Disaster Time Line:

Maximum tolerable Outages (MTO) : The concept of maximum tolerable outages (MTO) refers to the acceptable length or freq...
21/01/2024

Maximum tolerable Outages (MTO) :

The concept of maximum tolerable outages (MTO) refers to the acceptable length or frequency of disruptions to a system or its components before significant negative consequences are experienced. The specific elements and components that determine MTO can vary depending on the context and the system being considered. However, here are some common elements and their descriptions:

1. Critical Infrastructure: Critical infrastructure refers to the essential components and systems that are vital for the functioning of a society or organization. These can include power grids, transportation networks, communication systems, water supply facilities, and more. The MTO for critical infrastructure is typically very low, as even short outages can have severe consequences.

2. Data Centers: Data centers house the servers and networking equipment that support various digital services and applications. The MTO for data centers is often measured in terms of downtime, indicating the maximum allowable time that the data center can be non-operational without causing significant disruptions to services. MTO for data centers is usually very low, ranging from a few minutes to a few hours per year.

3. Network Components: Network components include routers, switches, firewalls, and other devices that enable the transmission of data between computers and other networked devices. The MTO for network components typically depends on their criticality and importance within the network infrastructure. High-priority components may have a very low MTO, while lower-priority components may have a higher MTO.

4. Software Systems: Software systems encompass a wide range of applications and services that are used to perform specific functions or provide certain capabilities. The MTO for software systems can vary significantly depending on the impact of their failure. Critical software systems, such as those used in healthcare or finance, may have a very low MTO, while non-critical systems may have a higher MTO.

5. Industrial Equipment: In industrial settings, various equipment and machinery are used for manufacturing, production, and other processes. The MTO for industrial equipment depends on factors such as safety requirements, production schedules, and the availability of backup systems. Outages in industrial equipment can result in productivity loss, safety hazards, and financial implications, so the MTO is typically kept as low as possible.

It is important to note that the specific MTO values can vary widely based on industry standards, regulatory requirements, business needs, and risk assessments. Organizations and industries typically define their own MTO thresholds based on these considerations to ensure the reliability and availability of their systems.

Components of Cyber Resilience:1. Risk Assessment: Identifying and assessing potential cyber risks and vulnerabilities t...
14/01/2024

Components of Cyber Resilience:
1. Risk Assessment: Identifying and assessing potential cyber risks and vulnerabilities to understand the organization's exposure to threats.
2. Incident Response Planning: Developing a comprehensive plan that outlines the steps to be taken in the event of a cyber incident, including roles and responsibilities, communication channels, and technical procedures.
3. Business Continuity Management: Ensuring the organization can continue its critical operations even in the face of a cyber attack or disruption, through backup systems, redundant infrastructure, and disaster recovery plans.
4. Security Awareness and Training: Educating employees about cybersecurity best practices, including how to identify and report suspicious activities, how to protect sensitive data, and how to respond to potential threats.
5. Threat Intelligence: Gathering information about current and emerging cyber threats, including the tactics, techniques, and procedures employed by threat actors, to proactively identify and mitigate risks.
6. Security Monitoring and Incident Detection: Implementing technologies and processes to monitor the organization's networks, systems, and applications for signs of unauthorized access, malicious activities, or anomalous behavior.
7. Vulnerability Management: Conducting regular assessments and scans to identify vulnerabilities in the organization's infrastructure, systems, and applications, and taking appropriate actions to address them.
8. Cyber Insurance: Obtaining insurance coverage to mitigate financial losses and liabilities resulting from cyber incidents.

Adresse

Democratic Republic Of The

Notifications

Soyez le premier à savoir et laissez-nous vous envoyer un courriel lorsque DRI Ethiopia publie des nouvelles et des promotions. Votre adresse e-mail ne sera pas utilisée à d'autres fins, et vous pouvez vous désabonner à tout moment.

Contacter L'entreprise

Envoyer un message à DRI Ethiopia:

Partager