Business Information Continuity is a course that will train business managers to respond to varying threats that might impact their organization's access to information. This course provides requisite background theory and recommended best practices needed by managers to keep their offices running during incidents of different types. Topics include an overview of business information continuity; guides for implementing and managing business information continuity plan, a discussion of technical vulnerabilities faced by organizations, and an examination of legal issues that may confront an organization.
The student will demonstrate an understanding of:
- Why Business Information Continuity plans are necessary
- How to identify the organization's assets, any vulnerabilities that might impact them, and controls that can be used to protect them.
- Procedures used when conducting a Business Impact Analysis, Purpose and scope of a typical cyber-security training program
- The disaster recovery process; typical members of an incident response team
- The process for making changes to the business information continuity plan; advantages and disadvantages of outsourcing.
- Why and how security measures must be applied to personal computers and workstations: common network based security threats
- Common security concerns associated with the use of wireless networks; common precautions that must be taken when attaching a network to the Internet, common access control models, the need for verification and validation processes.
- Dangers to business information continuity posed by non-compliance with existing laws; the portions of HIPAA that impact business information continuity; important details of the Sarbanes-Oxley act and purpose of the Federal Information Security Management Act (FISMA); U.S. government laws relevant to business information continuity and their important details.
- Goals of a business information continuity plan; concepts that guide the implementation of a business information continuity; Procedures required to assure business information continuity
- Design and execution of tests for a business information continuity plan; how to detect and handle varying incidents.
- Appropriate responses to incidents that threaten business information continuity.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.