Course

Cyber Resilience Review (CRR) / External Dependency Management (EDM) Training

Format
Document
Delivery
Live
Location type
Virtual/Online
Related topics:
Cybersecurity Best Practices, Industrial Control Systems, Critical Infrastructure Security and Resilience

Description

Assessment

Cyber Resilience Review (CRR)

Purpose

Conduct an interview-based assessment to evaluate an organization’s operational resilience and cybersecurity practices

 

Objectives
  • Part of a U.S. Department of Homeland Security (DHS) initiative intended to help the nation’s critical infrastructure providers understand their operational resilience and ability to manage cyber risk
  • Assesses enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others
  • Designed to measure existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices
  • Consists of 299 questions, typically delivered in a six-hour workshop
  • All CRR questions have three possible responses: “Yes,” “No,” and “Incomplete”

 

Role

Assessment Lead

Course Length

5 Days

Course Mode

Instructor Led, Virtual OnDemand (coming soon)

Course Agenda
  • Day 1: Background, resilience management, critical service, CRR and EDM methodology
  • Day 2: Assessment process and assessment domains
  • Day 3: Assessment domains
  • Day 4: Final report preparation and debrief
  • Day 5: Conclusion and Capstone exam

 

 

Assessment

External Dependency Management (EDM)

Purpose

Conduct an interview-based assessment to evaluate an organization’s management of external dependencies

 

Objectives
  • Part of a U.S. Department of Homeland Security (DHS) initiative intended to help the nation’s critical infrastructure providers evaluate the external dependency management (supply chain) cybersecurity practices of critical infrastructure
  • Assesses enterprise programs and practices across three domains, including relationship formation, relationship management and governance, and service protection and sustainment
  • Consists of 105 questions, typically delivered in a three-hour workshop
  • Has three possible responses for each EDM question: “Yes,” “No,” and “Incomplete”
  • Has a format similar to CRR

 

Role

Assessment Lead

Course Length

5 Days

Course Mode

Instructor Led, Virtual OnDemand (coming soon)

Course Agenda
  • Day 1: Background, resilience management, critical service, CRR and EDM methodology
  • Day 2: Assessment process and assessment domains
  • Day 3: Assessment domains
  • Day 4: Final report preparation and debrief
  • Day 5: Conclusion and Capstone exam

 

Contact

If you encounter any issues you may contact AESTraining@hq.dhs.gov for assistance.

 

Tags

Topics
Cybersecurity Best Practices, Industrial Control Systems, Critical Infrastructure Security and Resilience, Physical Security, Information and Communications Technology Supply Chain Security, Incident Detection, Response, and Prevention
Audience
Educational Institutions, Federal Government, Industry, Small and Medium Businesses, State, Local, Tribal, and Territorial Government

Related Training

Course | Virtual/Online

Manage your Online Presence

In addition to being aware of information you share online, manage the settings on your social media accounts to better increase your privacy and security.