Disaster Response and Recovery Manager

DRRM Self-Study Cyber Security Course

Business Continuity and Disaster Response and Recovery is the development of processes, policies, and procedures that prepare for and react to significant and unplanned operational disruptions. The Disaster Response and Recovery Manager self-study course prepares students for industry expertise in Business Continuity Planning and Disaster Recovery missions.

Facing daily risks to long-term success from a wide range of threats—cyber-attacks, human error, technical failures, and natural disasters—businesses must create practical plans to sustain their vital operations, security posture, industry reputation, and brand. Students will cover critical topics such as BCP Design and Development Strategies, Selection of Risk Management Frameworks, Qualitative and Quantitative Analysis Strategies, Creating Asset Inventories and Resource Profiles, Recovery Site Management and Workflows, Reviewing Cloud Computing Service Agreements, Cloud Data Security Strategies, and the Impact of Legal Requirements on Cloud Storage Solutions.

Hard Copy Course Materials

DRRM Self-Study Textbook 01
DRRM Self-Study Textbook 02
DRRM Self-Study Workbook
DRRM Self-Study Prep Guide

Online Course Materials

All Phase2 self-study courses offer the following online resources and/or support:

  • Domain Knowledge Assessment Quizzes
  • Course Workbook and Lab Exercises
  • Exam Prep Guide
  • Lab Images and Files (Applicable Courses)
  • Instructor Support During Enrollment (by Email)

Course Outline and Learning Objectives

  • The BCP and DRP Convergence
  • Key BCP and DRP Definitions
  • BCP Key Components
  • DRP Key Components
  • Desired State of Security Challenges
  • Evolution of Sustainable Policies
  • Roles of a Business Impact Analysis
  • Benefits of a Business Impact Analysis
  • Managing a BIA Project
  • Selecting a BIA Project Manager
  • BIA Data Collection
  • Presenting Results to Management
  • The Key Attributes of Risk
  • Risk Management Program Development
  • Asset Inventories and Resource Profiles
  • Risk Management Frameworks
  • Vulnerability Assessment ≠ Risk Assessment
  • Third-Party Service Providers
  • Qualitative and Quantitative Analysis
  • Defining Severity
  • Estimating Severity and Likelihood
  • Asset Value Considerations
  • Calculating SLE, ARO, and ALE
  • Sources of Respected Statistics
  • Developing Testing Goals
  • Benefits of BCP Testing
  • BCP Test Progressions
  • Potential Testing Scenarios
  • Training and Awareness
  • Benefits of Certifying the BCP
  • The EOC in Limited Emergencies
  • EOC Scope and Purpose
  • EOC Material Requirements
  • EOC Command Functions
  • EOC Control Functions
  • Mobile EOC Characteristics
  • Assembly Point Considerations
  • The Recovery Site Manager
  • Recovery Gantt Chart Function
  • Work Area Considerations
  • Digital Communication Considerations
  • SMS Notification Methodology
  • Seasonal Flu vs. Pandemic Flu
  • Flu Epidemics: Facts and Statistics
  • Impacts of Flu on Business
  • The Epidemic / Pandemic BCP Team
  • Epidemic / Pandemic Risk Assessment
  • Post-Epidemic / Pandemic Considerations
  • Definition of Cloud Computing
  • Cloud Computing Characteristics
  • Defining the Existing Operational State
  • Benefits of Cloud Computing
  • Cloud Computing Service Models
  • Cloud Computing Deployment Models
  • Cloud Data Life Cycle (CDLC)
  • Cloud Architecture: Volume Storage
  • Cloud Architecture: Object-Based Storage
  • The Content Delivery Network (CDN)
  • Security Information and Event Management
  • Data Loss Prevention: Egress Monitoring
  • Cloud Platform Risks
  • Private and Public Cloud Risks and Threats
  • Vendor Lock-Out / Lock-In
  • IaaS / PaaS / SaaS Risks and Threats
  • Virtualization Risks and Threats
  • Cloud-Specific BIA Risks
  • Foundations of Managed Services
  • Responsibilities by Service Type
  • Shared Responsibilities by Service Type
  • Lack of Physical Access
  • Lack of Auditing Ability
  • Shared Responsibility: Monitoring and Testing
  • Criminal and Civil Law
  • Administrative and International Law
  • Doctrine of Proper Law
  • EU Data Protection Directive
  • Personal and Data Privacy Issues
  • Forensic Requirements
  • Diverse Geographical Legal Jurisdictions
  • Organizational Cloud Policies
  • The Cloud in Enterprise Risk Management
  • Risk Management Frameworks
  • Risk Management Metrics
  • Contracts and Service-Level Agreements
  • General Contract Structures
  • Prime Clauses
  • General Clauses
  • Boilerplate Clauses
  • SLA and Contract Review Process
  • General Contract Review Checklist
  • Provisions of an Enforceable Contract
  • Myths and Misunderstandings in Contracts
  • Contract Negotiation Strategies
  • Including a Matching Right
  • Attempting a Contingent Agreement
  • Searching for Post-Settlement Settlements

Certificate of Course Completion

A Certificate of Course Completion (shown below) will be available for download in PDF format immediately upon successful completion of the 16 domain knowledge assessment quizzes.  Replacement certificates can be requested by email at any time after the successful completion of the self-study course at no cost.

DRRM Certificate of Course Completion

Course Cost


Phase2 Advantage offers discounts to non-profit organizations, federal agencies, law enforcement personnel, and the military affiliate community. We also offer group discounts. Email training@phase2advantage.com to see if your organization qualifies for one or more of our discount programs.