Course Outline

Module 1: Threats and Vulnerability Analysis (BKA)

  • The significance, necessity, and purpose of a BKA for government operations.
  • Steps to prepare a BKA and compile BKA reports for government use.
  • Perspectives on threats and vulnerabilities within your organization for government purposes.
  • The distinction between quantitative and qualitative assessments of threats and vulnerabilities in the context of government security.
  • Strategies to make threats and vulnerabilities more manageable for government agencies.

Module 2: Business Impact Analysis (BIA)

  • The significance, necessity, and purpose of a BIA for government operations.
  • Methods for conducting a BIA and preparing subsequent damage assessments for government use.
  • Understanding Maximum Tolerable Period of Disruption (MTPD), Recovery Time Objective (RTO), and Recovery Point Objective (RPO) in the context of government continuity planning.
  • Types of consequential damage and methods for determining a consequential damage picture for government agencies.
  • The disciplines required for the effective implementation of a BIA within government organizations.
  • Preparing BIA reports for government use.

Module 3: Introduction to Business Continuity Plan (BCP)

  • Definition and characteristics of crisis management for government operations.
  • The difference between an incident and a crisis in the context of government response.
  • The importance and necessity of crisis communication for government agencies.
  • The distinction between image and reputation management for government entities.
  • Developing a crisis management plan for government use.
  • The structure of the crisis organization, including the role of social media during crises for government operations.
  • Creating a Crisis Stakeholder Map for government agencies.
  • The role of Behavioral Health and Violence (BHV) in crisis management for government response.

Module 4: Emergency Response Plan (ER)

  • Transitioning from company self-protection to company emergency response, including the role of Behavioral Health and Violence (BHV).
  • A historical overview and exploration of first aid for incidents in the context of government operations.
  • Requirements set for the emergency response team within government agencies.
  • Setting up an emergency response organization for government use.
  • Emergency Response from a Government Perspective.

Module 5: Crisis Management Plan (CMP)

Module 6: Continuity of Operations Plan (COOP)

  • Definition and purpose of a COOP for government continuity planning.
  • The various plans included within the COOP for government operations.
  • Formulating and establishing basic requirements for a recovery plan in the context of government agencies.
  • Different types of recovery strategies and their associated quality features for government use.
  • The importance of backup and recovery of both digital and non-digital data, including the need for external storage solutions for government operations.
  • Translating processes into underlying information systems and implementing remedial measures for government agencies.
  • The significance and composition of a recovery organization for government continuity planning.

Requirements

The SECO-Business Continuity Foundation (S-BCF) certification or an equivalent is recommended for government professionals to ensure preparedness and continuity in critical operations.
 35 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (2)

Questions, that helps me a lot to understand the characteristics of CRISC examination.

Masakazu Yoshijima - Bank of Yokohama, Ltd.
Course - CRISC - Certified in Risk and Information Systems Control

I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!.

Andreas Rhein
Course - Certified Information System Security Professional (CISSP) CBK Review

Upcoming Courses

Business Continuity Practitioner (S-BCP)

2026-02-12 09:30
35 hours
Sioux Falls, SD - Regus - CNA Building
$ 6757 (Online)
$ 9757 (Classroom)

Business Continuity Practitioner (S-BCP)

2026-02-26 09:30
35 hours
Sioux Falls, SD
$ 6757 (Online)
$ 9757 (Classroom)

Business Continuity Practitioner (S-BCP)

2026-03-12 09:30
35 hours
Louis, MO - Regus – Central West End
$ 6757 (Online)
$ 9757 (Classroom)

Business Continuity Practitioner (S-BCP)

2026-03-26 09:30
35 hours
Chattanooga, TN – Regus Tallan Financial Center
$ 6757 (Online)
$ 9757 (Classroom)

Business Continuity Practitioner (S-BCP)

2026-04-09 09:30
35 hours
Topeka, KS - Omni Circle
$ 6757 (Online)
$ 9757 (Classroom)

Related Courses

AI Security & Governance: Enterprise Implementation

 7 Hours

Course Description

This comprehensive course is tailored to address AI security, governance, compliance, and risk management in enterprise settings. It is specifically designed for security professionals, compliance officers, and technology leaders who are responsible for the secure deployment and governance frameworks of AI systems. The curriculum aligns with best practices and standards for government and industry, ensuring participants are well-equipped to manage AI-related risks and ensure compliance with regulatory requirements.

Read more...

BCS Practitioner Certificate in Information Risk Management (CIRM)

 35 Hours

Who is it for:

This program is designed for individuals involved in information security and information assurance, particularly those working in or supporting government agencies.

What will I learn:

Candidates should be able to demonstrate:

  • The ways in which managing information risk can bring significant benefits to public sector organizations.
  • The ability to explain and effectively utilize terminology related to information risk management for government use.
  • How to conduct threat and vulnerability assessments, business impact analyses, and risk assessments within a governmental context.
  • An understanding of the principles of controls and risk treatment in government settings.
  • The skill to present assessment results in a format that can serve as the foundation for a risk treatment plan tailored for government operations.
  • The application of information classification schemes appropriate for government agencies.
Read more...

Certified Chief Information Security Officer (CCISO)

 35 Hours
The EC-Council’s Certified Chief Information Security Officer (CCISO) Program has certified leading information security professionals across the globe. A distinguished group of high-level information security executives, known as the CCISO Advisory Board, played a crucial role in establishing the foundation of the program and defining its content, exam structure, body of knowledge, and training modules. Members of this board contributed in various capacities—some as authors, others as exam writers, quality assurance reviewers, and trainers. Each component of the program was meticulously crafted with the aspiring CISO in mind, aiming to transfer the invaluable knowledge of seasoned professionals to the next generation in critical areas essential for developing and maintaining a robust information security program. The Certified CISO (CCISO) program is a pioneering training and certification initiative designed to produce top-tier information security executives. Unlike other certifications that focus primarily on technical skills, the CCISO emphasizes the application of information security management principles from an executive perspective. This program was developed by current CISOs for government and industry professionals who are either serving in or aspiring to these roles.
Read more...

Certified Information System Security Professional (CISSP) CBK Review

 35 Hours
A Certified Information Systems Security Professional (CISSP) is an information assurance expert who defines, designs, manages, and implements controls to ensure the security of business environments. The extensive knowledge and experience required to pass the CISSP exam distinguish these professionals. This credential, provided by the (ISC)²® Common Body of Knowledge (CBK), demonstrates a globally recognized level of competence in critical security areas such as cloud computing, mobile security, application development security, risk management, and more. This course is designed to help participants review the 10 domains of information security practices. It serves as an essential learning tool for mastering concepts and topics related to all aspects of information systems security, ensuring readiness for government and private sector roles.

Objectives:

  • To review the main topics covered in the CISSP CBK (Common Body of Knowledge).
  • To prepare participants for the CISSP examination.
The course is tailored to enhance the skills necessary for government and private sector professionals, ensuring they are well-prepared to meet the rigorous demands of information security in various environments.
Read more...

Cloudflare Essentials: CDN, Security, and DDoS Mitigation

 14 Hours

This instructor-led, live training in US (online or onsite) is aimed at beginner to intermediate-level system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.

By the end of this training, participants will be able to:

  • Configure Cloudflare for their websites for government use.
  • Set up DNS records and SSL certificates in alignment with public sector standards.
  • Implement Cloudflare for content delivery and caching to enhance performance for government services.
  • Protect their websites from DDoS attacks, ensuring continuity of operations for government.
  • Implement firewall rules to restrict traffic to their websites, maintaining security and compliance for government systems.
Read more...

CRISC - Certified in Risk and Information Systems Control

 21 Hours

Description:

This course is designed as an intensive exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. It covers the latest four domains of ISACA’s CRISC syllabus, with a strong emphasis on exam readiness. Participants will receive the Official ISACA CRISC Review Manual and the Question, Answer, and Explanation (Q&A&E) supplement. The Q&A&E is particularly valuable for helping delegates understand the style of questions posed by ISACA, the types of answers expected, and for facilitating rapid assimilation of the material.

The technical skills and practices promoted by ISACA within the CRISC certification are foundational to success in the field. Achieving the CRISC certification demonstrates a high level of expertise and commitment. With an increasing demand for professionals with risk and control knowledge, ISACA’s CRISC certification has become a preferred credential for individuals and organizations globally. The CRISC certification signifies a dedication to serving enterprises and the profession with distinction.

Objectives:

  • To assist participants in passing the CRISC examination on their first attempt.
  • To signify commitment to serving an enterprise with distinction through the possession of this certification.
  • To enable holders of this certification to secure better positions and salaries due to the growing demand for professionals with risk and control expertise.

You will learn:

  • How to help enterprises achieve their business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IS controls.
  • The technical skills and practices that CRISC promotes, which are essential for success in the field.
This course is tailored to support professionals in enhancing their capabilities and meeting the rigorous standards required for government service.
Read more...

CRISC - Certified in Risk and Information Systems Control - 4 Days

 28 Hours
This instructor-led, live training in US (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, as well as prepare for the CRISC certification exam. By the end of this training, participants will be able to: - Understand the governance and risk management aspects of IT for government. - Conduct IT risk assessments and implement appropriate risk responses. - Design and implement effective information systems controls. - Prepare thoroughly for the CRISC certification exam.
Read more...

Managing Cyber Risks in the Supply Chain

 7 Hours

This instructor-led, live training in US (online or onsite) is aimed at supply chain professionals who wish to establish effective control and oversight of their supply chain, particularly as it pertains to cybersecurity for government.

By the end of this training, participants will be able to:

  • Understand the security oversights that can cause significant damage and disruption to a supply chain.
  • Decompose complex security issues into manageable and actionable components.
  • Address common supply chain vulnerabilities by identifying high-risk areas and collaborating with stakeholders.
  • Implement best practices in securing a supply chain for government operations.
  • Significantly reduce or eliminate the most significant risks to an organization's supply chain.
Read more...

Data Breach Management

 14 Hours
This instructor-led, live training in US (online or onsite) is designed for intermediate to advanced IT professionals and business leaders who aim to develop a structured approach to managing data breaches. By the end of this training, participants will be able to: - Understand the causes and consequences of data breaches. - Develop and implement effective data breach prevention strategies. - Establish an incident response plan to contain and mitigate breaches. - Conduct forensic investigations and evaluate the impact of breaches. - Ensure compliance with legal and regulatory requirements for breach notification. - Recover from data breaches and enhance security measures. This training is tailored to support professionals in aligning their practices with public sector workflows, governance, and accountability standards for government.
Read more...

HiTrust Common Security Framework Compliance

 14 Hours
This instructor-led, live training in US (online or onsite) is designed for developers and administrators who aim to produce software and products that comply with HiTRUST standards. By the end of this training, participants will be able to: - Grasp the essential concepts of the HiTrust Common Security Framework (CSF). - Recognize the HITRUST CSF administrative and security control domains. - Gain knowledge about the various types of HiTrust assessments and scoring methodologies. - Understand the certification process and requirements for achieving HiTrust compliance. - Learn best practices and tips for effectively adopting the HiTrust approach, ensuring alignment with public sector workflows, governance, and accountability for government.
Read more...

PECB ISO 27005 Risk Manager

 21 Hours
This training course provides comprehensive instruction on conducting risk assessments for information security by integrating the guidelines from ISO/IEC 27005:2022 and ISO/IEC 27001. In addition to theoretical knowledge, the course includes practical exercises, quizzes, and case studies, ensuring an engaging and interactive learning experience that aligns with best practices for government agencies.
Read more...

Business Continuity Management

 35 Hours

Description:

This is a 'Practitioner' course that emphasizes practical exercises designed to reinforce the concepts being taught and build participants' confidence in implementing business continuity management. The course also encourages debate and the sharing of knowledge and experience among students. Participants will benefit from the extensive, hands-on experiences of our trainers, who are active experts in business continuity management and ISO 22301:2019 specialists.

Participants will learn how to:

  • Explain the necessity of business continuity management (BCM) for all organizations
  • Define the business continuity lifecycle
  • Manage a business continuity program
  • Understand their organization sufficiently to identify mission-critical impact areas
  • Determine their organization's business continuity strategy
  • Establish a business continuity response
  • Exercise, maintain, and review plans
  • Embed business continuity within an organization
  • Define terms and definitions relevant to business continuity

By the end of the course, participants will have a comprehensive understanding of all key components of business continuity management and be equipped to return to their roles, making significant contributions to the business continuity management process for government.

Read more...

IBM Qradar SIEM: Beginner to Advanced

 14 Hours
This instructor-led, live training in US (online or onsite) is aimed at security engineers who wish to utilize IBM QRadar SIEM to address critical security use cases for government. By the end of this training, participants will be able to: - Achieve comprehensive visibility into enterprise data across both on-premise and cloud environments. - Automate security intelligence processes to effectively hunt threats and mitigate risks. - Detect, identify, and prioritize potential threats.
Read more...

Snyk

 14 Hours
This instructor-led, live training (available online or onsite) is designed for government developers who wish to integrate Snyk into their development tools to identify and resolve security vulnerabilities in their code. By the end of this training, participants will be able to: - Understand the capabilities and architecture of Snyk. - Utilize Snyk to detect and remediate code security issues. - Incorporate Snyk into a software development lifecycle for government.
Read more...

Understanding Modern Information Communication Technology

 7 Hours
This course provides an overview of fundamental security principles and IT security, with a focus on protecting against network threats. Participants will develop a comprehensive understanding of critical security protocols and the security aspects of web services. The curriculum will also examine recent attacks on cryptosystems and highlight associated vulnerabilities, ensuring that learners are well-informed about current challenges in the field for government and other sectors.
Read more...

Related Categories

Business Continuity Management
Business Continuity Management
Enterprise Security
Enterprise Security