ISO/IEC 27031:2011 - Lead Implementer


Course Description:

ISO/IEC 27031 provides guidance on the concepts and principles behind the role of information and communications technology (ICT) in ensuring business continuity. The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. It incorporates ‘failure scenario assessment methods’ such as FMEA (Failure Modes and Effects Analysis), with a focus on identifying ‘triggering events’ that could precipitate more or less serious incidents.


$ 500.00 $ 369.00

Certification Overview

Scope and purpose

The standard encompasses all events and incidents (not just information security related) that could have an impact on ICT infrastructure and systems. It therefore extends the practices of information security incident handling and management, ICT readiness planning and services.

ICT Readiness for Business Continuity (IRBC) [a general term for the processes described in the standard] supports Business Continuity Management (BCM) “by ensuring that the ICT services are as resilient as appropriate and can be recovered to pre-determined levels within timescales required and agreed by the organization.”

The SC 27 team responsible for ISO/IEC 27031 liaised with ISO Technical Committee 233 on business continuity, to ensure alignment and avoid overlap or conflict. The FCD advised: “If an organization is using ISO/IEC 27001 to establish Information Security Management System (ISMS), and/or using ISO 2239PAS or ISO 23301 to establish Business Continuity Management System (BCMS), the establishment of IRBC should preferably take into consideration existing or intended processes linked to these standards. This linkage may support the establishment of IRBC and also avoid any dual processes for the organization.”

E-Course Duration: 30 to 35 Hours

Exam Information

  • The exam comprises 100 multiple-choice questions, of which the candidate needs to answer 60% (60 out of 100) correctly to pass the exam.

  • Exams are online and proctored. With a webcam and a reliable internet connection, exams can be taken anywhere and at any time.

  • The total duration of the exam is 2 hours (120 Minutes).

  • No external sources of information may be accessed during the exam held via ProctorU. Further details of the materials permitted are provided:
  • Identification Proof

  • If a candidate does not pass the exam on the second (2nd) attempt, the candidate must wait at least fourteen (14) calendar days from the date of that attempt before retaking the exam for the third (3rd) or any subsequent time.
  • The exam can be taken any number of times

  • The ISO/IEC 27031 - Lead Implementer Certificate is valid for four (4) years.
  • Displaying your certificate
  • Remember, when labelling a product or system as certified to an ISO standard:
  • Don't say: "ISO certified" or "ISO certification"
  • DO say: "ISO 9001:2008 certified" or "ISO 9001:2008 certification" (for example).

  • The ISO/IEC 27031 Lead Implementer Certification has no prerequisites (completing an E-Course from the GIPMCBok portal is not mandatory), but we highly recommend taking the E-Course, as most of the questions in the actual exam are drawn from it.

Course Outline

Module 1 - Business Continuity and Disaster Recovery Overview

    • Business Continuity and Disaster Recovery Defined
    • The Cost of Planning versus the Cost of Failure
    • Types of Disasters to Consider
    • Risk Assessment
    • Business Impact Analysis
    • Mitigation Strategy Development

Module 2 - Legal and Regulatory Obligations Regarding Data

    • Content Regulatory Environment
    • Information Security Management
    • Impact Analysis 

Module 3 - Project Initiation

    • Elements of Project Success
    • Project Plan Components
    • Project Organization
    • Project Planning
    • Project Tracking
    • Project Closeout

Module 4 - Business Continuity and Disaster Recovery

    • Integrating BC/DR Requirements
    • Improving BC/DR Recovery and Risk Mitigation Strategies
    • Improving BC/DR Testing

Module 5 - Risk Assessment

    • Risk Management Basics
    • People, Process, Technology and Infrastructure
    • IT-Specific Risk Management
    • Risk Assessment Components
    • Threat Assessment Methodology
    • Vulnerability Assessment

Module 6 - Business Impact Analysis

    • Overview
    • Understanding Impact Criticality
    • Business Functions
    • Gathering Data for the Business Impact Analysis
    • Determining the Impact
    • Business Impact Analysis Data Points
    • Preparing the Business Impact Analysis Report

Module 7 - Business Continuity and Disaster Recovery in Healthcare

    • Introduction to Healthcare IT
    • Regulatory Environment
    • Healthcare IT Risk Management
    • Technical Needs
    • Healthcare Operational Needs
    • Interoperability 
    • Current Environment and New Technology
    • Healthcare IT BC/DR Best Practices

Module 8 - Emergency Response and Recovery

    • Emergency Management Overview
    • Emergency Response Plans
    • Emergency Response Teams
    • Crisis Management Team
    • Disaster Recovery
    • Business Continuity

Module 9 - Training, Testing, and Auditing

    • Training for Disaster Recovery and Business Continuity
    • Emergency Response
    • Performing Training Needs Assessment
    • Scheduling and Delivering Training
    • Monitoring and Measuring Training
    • Disaster Recovery Plan
    • Testing the BC/DR Plan
    • Performing IT Systems and Security Audits
    • IT Systems and Security Audits

Module 10 - BC/DR Plan Maintenance

    • Plan Change Management
    • Plan Audit
    • Plan Maintenance Activities
    • Project Close Out

Target Audience

  • Information and communication technology managers
  • Information technology managers
  • Personnel involved with risk assessment and risk analysis
  • Software engineers
  • Network engineers and managers