DVMS Cyber Resilience Professional – Foundation

This foundation-level course provides IT service management, governance, risk, compliance, and cybersecurity professionals with an in-depth understanding of the NIST Cybersecurity Framework (NIST-CSF) and its integration within a Digital Value Management System (DVMS). Participants explore how NIST-CSF supports the creation of an adaptive, integrated, and culture-driven governance and assurance system capable of delivering resilient, compliant, and trusted digital outcomes. The course prepares learners for the DVMS Cyber Resilience Professional – Foundation certification exam, which is taken after course completion.

By the end of this course, learners will be able to:

• Explain the principles, structure, and objectives of the NIST Cybersecurity Framework (NIST-CSF).
• Describe how NIST-CSF supports organisational risk management and digital value creation.
• Understand the relationship between NIST-CSF and other frameworks, including COSO Enterprise Risk Management and the NIST Privacy Framework.
• Identify how NIST-CSF Profiles and Tiers are used to evaluate cybersecurity maturity.
• Apply NIST-CSF concepts to enhance organisational resilience and governance.
• Recognise how NIST-CSF integrates within a Digital Value Management System to achieve adaptive and culture-driven assurance.
• Prepare for the DVMS Cyber Resilience Professional – Foundation certification exam.

There are no formal prerequisites for this course. It is suitable for professionals involved in designing, implementing, operating, or improving digital governance and assurance systems that deliver secure and compliant outcomes.

Recommended participants include ITSM, GRC, cybersecurity, and business professionals seeking to align risk management and value creation through the NIST Cybersecurity Framework.

Target audience

This course is designed for:

• IT service management professionals responsible for digital governance and compliance.
• Cybersecurity and risk management professionals aiming to integrate NIST-CSF into organisational practices.
• Business leaders, consultants, and assurance specialists responsible for achieving resilient and trusted digital outcomes.
• Teams or departments implementing adaptive governance and assurance models within a DVMS.

Understanding the NIST Cybersecurity Framework (NIST-CSF)

This introductory module explores the nature of digital threats, vulnerabilities, and risks organisations face, highlighting the need for effective value creation and protection strategies. It examines the origins, evolution, and benefits of adopting the NIST Cybersecurity Framework as a guide for managing digital risk.

Learning outcomes:

• Explain the concept of risk.
• Understand the difference between a threat and vulnerability.
• Understand cybersecurity risk.
• Understand the NIST-CSF timeline.
• Explain the benefits of adopting the NIST-CSF.

NIST-CSF profiles

This module introduces the structure of the NIST-CSF Core, examining how profiles and tiers are used to assess risk and cybersecurity maturity. Learners explore how to leverage the NIST-CSF online reference to support framework implementation.

Learning outcomes:

• Explain the structure of the NIST-CSF Core.
• Understand the concepts of profiles and tiers.
• Understand the relationship between NIST-CSF Profiles and NIST-CSF Tiers.
• Understand the use of the NIST-CSF online reference.

NIST-CSF core functions

This module examines the five core functions of the NIST-CSF—Identify, Protect, Detect, Respond, and Recover—and their underlying categories and subcategories. Learners gain an understanding of how these functions define key cybersecurity outcomes and objectives.

Learning outcomes:

• Understand the structure of the NIST-CSF Core.
• Describe the high-level outcomes of the NIST-CSF Core.
• Understand the high-level objectives of the NIST-CSF Core categories.

NIST-CSF profiles and tiers in detail

This module explores the detailed application of NIST-CSF Profiles and Tiers, helping participants understand how they can assess and improve their organisation’s cybersecurity posture.

Learning outcomes:

• Understand and describe the use of NIST-CSF Profiles.
• Understand and explain NIST-CSF Tiers and their use.

COSO enterprise risk management

This module introduces the COSO Enterprise Risk Management (ERM) framework and its relevance in supporting NIST-CSF adoption. It explores how COSO’s 20 principles contribute to risk-informed decision-making and how organisational culture influences risk management effectiveness.

Learning outcomes:

• Understand the COSO 20 principles in the context of adapting a NIST-CSF.
• Understand how culture impacts organisational risk.

Integrating NIST-CSF and the NIST Privacy Framework

This module examines how the NIST Privacy Framework can be applied alongside the NIST Cybersecurity Framework to address both privacy and security concerns. Learners understand how these frameworks can be integrated to strengthen overall digital governance.

Learning outcomes:

• Describe the role of a privacy framework.
• Understand how an organisational privacy framework integrates with the NIST-CSF.

Building organisational resilience with NIST-CSF

This module focuses on the importance of resilience and how NIST-CSF principles can be applied to build adaptive and sustainable cybersecurity capabilities.

Learning outcome:

• Understand the importance of organisational resiliency in the context of the NIST-CSF.

Adopting and adapting the NIST-CSF

Learners explore the process of adopting the NIST Cybersecurity Framework within an organisation, including leadership commitment and cultural alignment. The module highlights the strategic importance of framework adoption for long-term governance success.

Learning outcomes:

• Describe the strategic importance of adopting the NIST-CSF.
• Describe senior leadership’s role in adopting the NIST-CSF, including commitment and culture creation.
• Describe what it means to adopt a framework.
• Explain organisational commitment when adopting the NIST-CSF.

Adapting the NIST-CSF using informative references

This module explains how organisations can adapt NIST-CSF using Informative References (IRs) to align with specific business and regulatory requirements.

Learning outcomes:

• Explain what a NIST-CSF Informative Reference is.
• Describe how an organisation adapts IR controls to suit its needs.
• Describe how adapting and implementing IR controls improves organisational resiliency.

Beyond the NIST-CSF: Digital Value Management Systems (DVMS)

The final module examines how the NIST Cybersecurity Framework operates within the broader context of Digital Value Management Systems. Learners explore the DVMS overlay concepts, the Z-X Model’s seven capabilities, and how the DVMS FastTrack™ approach supports performance improvement.

Learning outcomes:

• Understand DVMS overlay concepts.
• Explain the DVMS Z-X Model’s seven capabilities.
• Explain how the DVMS overlay identifies performance gaps.
• Understand the application of the DVMS FastTrack™.

Exams and assessments

The course includes an exam voucher for the DVMS Cyber Resilience Professional – Foundation certification. Learners complete the exam after finishing the training. Knowledge checks and discussions are included during the course to reinforce understanding and prepare for certification.

Hands-on learning

The course provides guided discussions, case studies, and scenario-based exercises that allow participants to apply NIST-CSF principles in real-world governance and risk management contexts. Learners engage in collaborative analysis to identify improvement opportunities and develop adaptive cybersecurity strategies.