Events

Performing a CRR against the NIST CSF is an ideal way to get started with establishing or improving enterprise-wide cyber security governance and best practices based on the NIST Cybersecurity Framework. Certified Information Security's Cyber qualified security assessors have been trained by official DHS Security assessors to facilitate private (not involving the DHS) CRR question-based assessments for organizations otherwise not eligible for DHS facilitation. Small teams often choose to attend regularly-scheduled public group assessment workshops, while larger teams typically opt to reserve discounted private on-site/virtual assessments.

The Cyber Resilience Review is a lightweight assessment method that was created by the U.S. Department of Homeland Security (DHS) for the purpose of evaluating the cybersecurity and service continuity practices of critical infrastructure owners and operators. However, private sector organizations and foreign government bodies leverage the same CRR to evaluate enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others.  

The CRR assessment strives to identify how an organization aligns its cybersecurity management activities to the performance or production of its critical services. The assessment consists of 299 questions, and is typically delivered in a 12 - 16 hour workshop led by a qualified facilitator over a period of two consecutive days. Our specially-trained facilitator elicits answers from your organization’s personnel in cybersecurity, operations, physical security, and business continuity. Throughout the assessment workshop, your organization's team members will work together to record answers to the assessment kit (available at no charge), which will then be used to generate a complete 176-page analysis and report. Learn more about assessment topics and structure in "Assessment approach" here. 

Performing a CRR against the NIST CSF is an ideal way to get started with establishing or improving enterprise-wide cyber security governance and best practices based on the NIST Cybersecurity Framework. Certified Information Security's Cyber qualified security assessors have been trained by official DHS Security assessors to facilitate private (not involving the DHS) CRR question-based assessments for organizations otherwise not eligible for DHS facilitation. Small teams often choose to attend regularly-scheduled public group assessment workshops, while larger teams typically opt to reserve discounted private on-site/virtual assessments.

The Cyber Resilience Review is a lightweight assessment method that was created by the U.S. Department of Homeland Security (DHS) for the purpose of evaluating the cybersecurity and service continuity practices of critical infrastructure owners and operators. However, private sector organizations and foreign government bodies leverage the same CRR to evaluate enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others.  

The CRR assessment strives to identify how an organization aligns its cybersecurity management activities to the performance or production of its critical services. The assessment consists of 299 questions, and is typically delivered in a 12 - 16 hour workshop led by a qualified facilitator over a period of two consecutive days. Our specially-trained facilitator elicits answers from your organization’s personnel in cybersecurity, operations, physical security, and business continuity. Throughout the assessment workshop, your organization's team members will work together to record answers to the assessment kit (available at no charge), which will then be used to generate a complete 176-page analysis and report. Learn more about assessment topics and structure in "Assessment approach" here. 

Performing a CRR against the NIST CSF is an ideal way to get started with establishing or improving enterprise-wide cyber security governance and best practices based on the NIST Cybersecurity Framework. Certified Information Security's Cyber qualified security assessors have been trained by official DHS Security assessors to facilitate private (not involving the DHS) CRR question-based assessments for organizations otherwise not eligible for DHS facilitation. Small teams often choose to attend regularly-scheduled public group assessment workshops, while larger teams typically opt to reserve discounted private on-site/virtual assessments.

The Cyber Resilience Review is a lightweight assessment method that was created by the U.S. Department of Homeland Security (DHS) for the purpose of evaluating the cybersecurity and service continuity practices of critical infrastructure owners and operators. However, private sector organizations and foreign government bodies leverage the same CRR to evaluate enterprise programs and practices across a range of ten domains including risk management, incident management, service continuity, and others.  

The CRR assessment strives to identify how an organization aligns its cybersecurity management activities to the performance or production of its critical services. The assessment consists of 299 questions, and is typically delivered in a 12 - 16 hour workshop led by a qualified facilitator over a period of two consecutive days. Our specially-trained facilitator elicits answers from your organization’s personnel in cybersecurity, operations, physical security, and business continuity. Throughout the assessment workshop, your organization's team members will work together to record answers to the assessment kit (available at no charge), which will then be used to generate a complete 176-page analysis and report. Learn more about assessment topics and structure in "Assessment approach" here. 

Get a thorough understanding of ISO 31000/27001/2/3/5 standards for enterprise risk management and information security governance, and how to leverage the ISO 31000 and 27000 standards to establish and maintain enterprise risk and information security management system (ISMS) programs. Then build-out the initial ISO-conforming risk management and information security program policy documents right in class!

Pass your exams and be qualified as a Certified ISO 31000 Internal Controls Risk Analyst and a Certified ISO 27001 Lead Implementer.

Get a thorough understanding of ISO 31000/27001/2/3/5 standards for enterprise risk management and information security governance, and how to leverage the ISO 31000 and 27000 standards to establish and maintain enterprise risk and information security management system (ISMS) programs. Then build-out the initial ISO-conforming risk management and information security program policy documents right in class!

Pass your exams and be qualified as a Certified ISO 31000 Internal Controls Risk Analyst and a Certified ISO 27001 Lead Implementer.

Get a thorough understanding of ISO 31000/27001/2/3/5 standards for enterprise risk management and information security governance, and how to leverage the ISO 31000 and 27000 standards to establish and maintain enterprise risk and information security management system (ISMS) programs. Then build-out the initial ISO-conforming risk management and information security program policy documents right in class!

Pass your exams and be qualified as a Certified ISO 31000 Internal Controls Risk Analyst and a Certified ISO 27001 Lead Implementer.