Continuity Management, Preparedness, and Risk Management (5 cr)

Evaluation scale

H-5

Content scheduling

TOPICS
• Fundamentals of Preparedness and Business Continuity
• Identification, Assessment, and Analysis of Risks
• Preparedness, Recovery, and Resilience
• Business Impact Analysis
• Business Continuity Planning
• Information Security and Preparedness of Information Systems
• Training and Testing
• Business Continuity Standards and Frameworks
• Reporting

OUTCOMES
By the end of the course, the student will be able to:
• Explain the concepts of preparedness and business continuity.
• Recognize the importance of preparedness in various types of organizations and industries.
• Differentiate between preparedness, recovery, and resilience.
• Identify potential risks and threats within an organization.
• Understand the fundamentals of risk analysis and various risk assessment methods.
• Create a business impact analysis process.
• Develop business continuity, recovery, and resilience plans.
• Comprehend the significance of prioritization in maintaining operational capability during crisis situations.
• Plan business-oriented continuity strategies to minimize disruptions during incidents.
• Describe crisis management protocols and the creation of crisis management plans.
• Guide effective communication and decision-making during crisis situations.
• Analyze information security threats and their relevance to preparedness.
• Be capable of planning and executing preparedness and business continuity exercises and tests for organizations.
• Evaluate and test plan effectiveness under various scenarios.
• Understand the influence of stakeholders and partners on the organization's operational continuity.
• Recognize the importance of reporting in business continuity planning as part of information and cyber security management.

SUMMARY
This course provides a comprehensive overview of concepts, methods, and practical exercises in information and cyber security's business continuity, preparedness, and risk management. Students will learn how to strategize operations during disruptive situations, plan and document recovery and resilience measures, and understand the importance of internal and external crisis communication in maintaining operational continuity. The course equips students to identify factors jeopardizing organizational

Objective

By the end of the course, the student will be able to:
• Explain the concepts of preparedness and business continuity.
• Recognize the importance of preparedness in various types of organizations and industries.
• Differentiate between preparedness, recovery, and resilience.
• Identify potential risks and threats within an organization.
• Understand the fundamentals of risk analysis and various risk assessment methods.
• Create a business impact analysis process.
• Develop business continuity, recovery, and resilience plans.
• Comprehend the significance of prioritization in maintaining operational capability during crisis situations.
• Plan business-oriented continuity strategies to minimize disruptions during incidents.
• Describe crisis management protocols and the creation of crisis management plans.
• Guide effective communication and decision-making during crisis situations.
• Analyze information security threats and their relevance to preparedness.
• Be capable of planning and executing preparedness and business continuity exercises and tests for organizations.
• Evaluate and test plan effectiveness under various scenarios.
• Understand the influence of stakeholders and partners on the organization's operational continuity.
• Recognize the importance of reporting in business continuity planning as part of information and cyber security management.

SUMMARY
This course provides a comprehensive overview of concepts, methods, and practical exercises in information and cyber security's business continuity, preparedness, and risk management. Students will learn how to strategize operations during disruptive situations, plan and document recovery and resilience measures, and understand the importance of internal and external crisis communication in maintaining operational continuity. The course equips students to identify factors jeopardizing organizational operations and their potential consequences and teaches them to evaluate measures reducing the impact and duration of adverse events. Moreover, the course offers insights into necessary resources for recovery and resilience situations.

Content

• Fundamentals of Preparedness and Business Continuity
• Identification, Assessment, and Analysis of Risks
• Preparedness, Recovery, and Resilience
• Business Impact Analysis
• Business Continuity Planning
• Information Security and Preparedness of Information Systems
• Training and Testing
• Business Continuity Standards and Frameworks
• Reporting

Materials

The learning environment used is the It’s Learning platform provided by Turku University of Applied Sciences. All course materials and remote assignments are distributed through the platform. Any peer assessments will also be conducted within the system.

Teaching methods

The course consists of on-site lectures, group work, case analyses, exercises, and remote tasks, where students have the opportunity to apply what they have learned in practice. At the end of the course, students will be able to design, implement, and maintain effective business continuity and preparedness practices within their organization.

International connections

The teaching consists of in-person sessions and remote periods during which students complete either individual or group tasks. The pedagogical framework is based on problem-based and work-life-oriented teaching

Completion alternatives

-

Student workload

The course is 5 ECTS course (135h)

Further information

The It’s Learning platform used by Turku University of Applied Sciences serves as the communication channel for the course.