Organisational Capabilities
Organisation
There are several resilience management frameworks widely in use today based on ISO, NIST and industry specific standards.
One example that focuses on financial critical infrastructure is based on the CPMI-IOSCO guidance and developed by the European Central bank for Financial Market Infrastructures.
ECB - Cyber Resilience Oversight Expectations
The Cyber Resilience Oversight Expectations published by the European Central Bank is an organisaton wide resilience assessment targeted for financial market infrastructures and can be used as a good practice in other critical infrastructures.
More information about the CROE can be found here.
Capabilities
Resilience assessments can be performed that focus on specific resilience capabilities. Examples include: Incident and Service Continuity Management. SOC Capabilities Assessment, Red team testing, outsourcing and third Party Risk Management.
Contact us for more information about specific capability assessments.