Implementing the NIST Cybersecurity Framework Using COBIT® 5
(CSF Implementation Enhanced Qualification Exam Prep)
Certificate: Yes
Duration: 2 days
Course Delivery: (virtual) Classroom
Accreditor: APMG
Language: English
Credits: None
Download a PDF of this course here.
Course Description:
In this course, you will understand the context and nature of cybersecurity risks and how to manage these risks using the NIST Cybersecurity Framework together with COBIT 5. ISO/IEC 27000 is also covered in this course, so if you are already using that standard or are interested in applying it as an overall IT Security Management System, this course will be relevant as well.
This course and exam are aimed at individuals who have a basic understanding of both COBIT 5 and security concepts, and who are involved in improving the cybersecurity program for outside organizations or their own.
Learning Objectives:
At the end of this course, participants will be able to:
- Understand the course objectives and content, exam requirements and learning approach.
- Understand the context of cybersecurity: the risks, the challenges in managing these risks, and the benefits of aligning the NIST Framework, ISO/IEC 27000 and COBIT 5.
- Understand an overview of the NIST Cybersecurity Framework, COBIT 5, and ISO/IEC 27000.
- Understand the objectives and scope of the ISACA Guide and how to use it to implement Step 1 – Prioritize and Scope.
- Understand how to use the ISACA Guide to implement Step 2 – Orient and Step 3 – Create a Current Profile.
- Understand how to use the ISACA Guide to implement Step 4 – Conduct a Risk Assessment and Step 5 – Create a Target Profile.
- Understand how to use the ISACA Guide to implement Step 6 – Determine, Analyze and Prioritize Gaps.
- Understand how to use the ISACA Guide to implement Step 7 – Implementation Plan.
- Understand how to use the ISACA Guide to implement an Action Plan Review and Manage the Lifecycle.
Benefits of Taking This Course:
The course will enable you to understand the complex topic of cybersecurity, and plan effective implementation programs. It will also enable preparation for the exam to obtain the CSF Implementation Enhanced Qualification.
Prerequisites:
The recommended prerequisites for this course are:
- Completed COBIT 5 Foundation Course (for obtaining the CSF Implementation Enhanced Qualification)
- Basic Knowledge of COBIT 5
- Basic knowledge of cybersecurity concepts
Follow-on Courses:
The following follow-on courses are recommended:
- Governance of Information Security
- ISO/IEC 27000 Foundation
- COBIT 5 Implementation
- CyberSecurity Foundation
- RESILIA Cyber Resilience Best Practice Foundation
Course Materials:
You will receive the following as part of this course:
- Coursebook (eBook) with reference materials and all the exercises, mock exam and syllabus
Examination:
- Exam Format: Closed-book
- Delivery: Live or Web Based
- Questions: 75 with 1 mark each. All will be multiple choice questions with some scenario-based questions. 5 of the 75 are trial questions that do not count towards the overall score (not marked as trial questions)
- Passing Score: 50% (35 or more correct to pass)
- Exam Duration: 80 minutes. 15 minutes extra time for non-native English speakers
- Proctoring: (Web) Proctored
Technical Requirements:
For eBooks:
- Internet for downloading the eBook
- Laptop, tablet, smartphone or eReader
- PDF Reader, recommended Adobe Reader
Agenda:
Day 1 | Day 2 |
1. Course Introduction | 6. Step 4 and Step 5: Conduct a Risk Assessment and Create a Target Profile |
2. Cybersecurity Challenges | 7. Step 6: Determine, Analyze, and Prioritize Gaps |
3. Introducing the Frameworks | 8. Step 7: Implement Action Plan |
4. Step 1: Prioritize and Scope | 9. CSF Action Plan Review and CSF Life Cycle Management |
5. Steps 2 and 3: Orient and Create a Current Profile | |
Course Outline:
Course Introduction
- Introductions
- Course Objectives
- Agenda
- Learning Approach
Cybersecurity Challenges
- What is cybersecurity?
- What are the risks?
- What are the challenges?
- What are the benefits of:
  - NIST Framework
  - COBIT 5
  - ISO/IEC 27000
Introducing the Frameworks
- NIST Core, Tier and Profiles Facts and Concepts
- How to apply these concepts to a scenario
Step 1: Prioritize and Scope
- The CSF Goals and implementation steps
- How the CSF relates to the NIST Framework
- What are the drivers?
- Implementation Considerations
- Relevant COBIT 5 Practices
Steps 2 and 3: Orient and Create a Current Profile
- Where are we now?
- Implementation Considerations
- Relevant COBIT 5 Practices
Step 4 and Step 5: Conduct a Risk Assessment and Create a Target Profile
- Where do we want to be?
- Implementation Considerations
- Relevant COBIT 5 Practices
Step 6: Determine, Analyze, and Prioritize Gaps
- What needs to be done?
- Implementation Considerations
- Relevant COBIT 5 Practices
Step 7: Implement Action Plan
- How do we get there?
- Implementation Considerations
- Relevant COBIT 5 Practices
CSF Action Plan Review and CSF Life Cycle Management
- Did we get there?
- Implementation Considerations
- Relevant COBIT 5 Practices
- How do we keep the momentum going?
- Implementation Considerations
- Relevant COBIT 5 Practices
The COBIT 5 logo is a Registered Trade Mark of ISACA. The ACCREDITED BY APMG-International and Swirl Device logo is a trade mark of the APMG Group Ltd. COBIT® is a Registered Trade Mark of ISACA.