EPI-AP Logo


 

Certified Data Centre Risk Professional (CDRP®)


CDRP Training for cdrp engineer, cdrp job with cdrp resume, cdrp professional engineers board, cdrp schedule, cdrp value, cdrp, cdrpexin, cdrpicor
 

CDRP® Overview

The CDRP® is a 2-day course is designed to expose attendants to the overall risk management process. Focus is on both the data centre infrastructure and the physical data centre facility and equipment; the attendant will learn how to identify and quantify risk in their organization, creating the ability to reduce the risk to a level acceptable for the organization. The course is based on international standards (ISO/IEC27001:2005) and guidelines (ISO/IEC27005:2011, NIST800-30, ISO/IEC31000) and will additionally prepare the candidate being able to take part and assist in corporate certification processes that may apply.

Need further assistance? Contact us for further information.

Audience

The primary audience for this course is an IT, Facilities or Data Centre Operations professional working in and around the data centre (representing both end-customers and/or service provider/facilitators) and having responsibility to achieve and improve hi-availability and manageability of the data centre, such as: Data centre managers, Operations / Floor / Facility managers, IT managers, Information security managers, Security professionals, Auditors / Risk Managers / Professionals responsible for IT/corporate governance.
 

Prerequisites

There is no specific prerequisite for the CDRP® course. However, participants who have at least three years' experience in a data centre and/or IT infrastructures will be best suited. This experience may come from a business or IT background where the participant has knowledge of both environments, and understands the mission of their organisation. Attendance of CDCP® is beneficial but not a requirement.
 

Course Benefits

After completion of the course, the participant will be able to:

  • Understand the different standards and methodologies for risk management and assessment
  • Establish the required project team for risk management
  • Perform the risk assessment, identifying current threats, vulnerabilities and the potential impact based on customised threat catalogues
  • Report on the current risk level of the data centre both quantitative and qualitative
  • Anticipate and minimise potential financial impacts
  • Understand the options for handling risk
  • Continuously monitor and review the status of risk present in the data centre
  • Reduce the frequency and magnitude of incidents
  • Detect and respond to events when they occur
  • Meet regulatory and compliance requirements
  • Support certification processes such as ISO/IEC 27001
  • Support overall corporate and IT governance
     

Course Syllabus

Introduction to Risk Management

  • Risk management concepts
  • Senior management and risk
  • Enterprise Risk Management (ERM)
  • Benefits of risk management

Data Centre Risk and Impact

  • Risk in facility, power, cooling, fire suppression, infrastructure and IT services
  • Impact of data centre downtime
  • Main causes of downtime
  • Cost factors in downtime

Standards, Guidelines and Methodologies

  • ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27002:2013
  • NIST SP 800-30
  • ISO/IEC 31000:2009
  • SS507:2008
  • ANSI/TIA-942
  • Other methodologies (CRAMM, EBIOS, OCTAVE, etc.)

Risk Management Definitions

  • Asset
  • Availability/Confidentiality/Integrity
  • Control
  • Information processing facility
  • Information security
  • Policy
  • Risk
  • Risk analysis/Risk assessment/Risk evaluation/
  • Risk treatment
  • Threat/Vulnerability
  • Types of risk

Risk Assessment Software

  • The need for software
  • Automation
  • Considerations

Risk Management Process

  • The risk management process
  • Establishing the context
  • Identification
  • Analysis
  • Evaluation
  • Treatment
  • Communication and consultation
  • Monitoring and review

Project Approach

  • Project management principles
  • Project management methods
  • Scope
  • Time
  • Cost
  • Cost estimate methods

Context Establishment

  • General considerations
  • Risk evaluation, impact and acceptance criteria
  • Severity rating of impact
  • Occurrence rating of probability
  • Scope and boundaries
  • Scope constraints
  • Roles & responsibilities
  • Training, awareness and competence

Risk Assessment - Identification

  • The risk assessment process
  • Identification of assets
  • Identification of threats
  • Identification of existing controls
  • Identification of vulnerabilities
  • Identification of consequences
  • Hands-on exercise: Identification of assets, threats, existing controls, vulnerabilities and consequences

Risk Assessment - Analysis and Evaluation

  • Risk estimation
  • Risk estimation methodologies
  • Assessment of consequences
  • Assessment of incident likelihood
  • Level of risk estimation
  • Risk evaluation
  • Hands-on exercise: Assessment of consequences,
  • probability and estimating level of risk

Risk Treatment

  • The risk treatment process steps
  • Risk Treatment Plan (RTP)
  • Risk modification
  • Risk retention
  • Risk avoidance
  • Risk sharing
  • Constraints in risk modification
  • Control categories
  • Control examples
  • Cost-benefit analysis
  • Control implementation
  • Residual risk

Communication

  • Effective communication of risk management activities
  • Benefits and concerns of communication

Risk Monitoring and Review

  • Ongoing monitoring and review
  • Criteria for review

Risk scenarios

  • Risk assessment approach
  • Data centre site selection
  • Data centre facility
  • Cloud computing
  • UPS scenarios
  • Force majeure
  • Organisational shortcomings
  • Human failure
  • Technical failure
  • Deliberate acts

Delivery Structure and Methods

The CDRP® course is lectured by an EPI Certified Instructor using a combination of lectures and question-and-answer sessions to discuss participants’ specific needs and issues experienced in their own environment.  Participants are able to tap into the trainer’s extensive experience to enable them to solve practical problems in their current environment, thus adding tremendous value.

CDRP® course available in the following delivery methods:

Exam

Exam: Certified Data Centre Risk Professional (CDRP®)

Attendees will take a 1 hour CDRP® exam. The exam is 40 questions, closed book and multiple choice based. The passing mark is 27 out of 40. 

Certification and Accreditation

Attendees passing the exam will be awarded the internationally accredited and recognized 'Certified Data Centre Risk Professional' certificate (CDRP®).

CDRP® is globally accredited by EXIN, a fully independent exam and certification institute.

The CDRP® certificate is valid for 3 years, after which recertification is required.  Please see the EPI Recertification Program for available options.

Download Brochure

For more info, click for brochure:
English | Spanish

CDRP Resources 

Coming Soon. 

Find a Training Schedule

Find a training schedule that suits you, click here.  Or register for the TOD and learn anytime, anywhere.

Need further assistance? Contact us for further information.

 

Available now as TOD

EPI TOD (Training On Demand)

 


 
Training
• Foundation
Risk

Find a Training Schedule

EPI Data Center Framework

EPI Data Centre Operations Standard (DCOS)

EPI Data Centre Conpetence Framework

EPI Data Center Training Framework

IT Training Framework

Make an enquiry
Send me updates
Home
About Us
Services

Audit Certification 
Training Solutions
Data Centre Training
IT Training
Short Courses

Standards

DCOS®
CRUR®

News
Promotions & Events
Articles
Webinars
Frameworks

EPI IT & Data Centre Framework©
EPI Data Centre Competence Framework (DCCF©)

Contact Us

Contact EPI
Training Partners - DC
Training Partners - IT
Audit Partners
Become a Partner

 

Career Planning Tools

Data Centre Training Quick Guide
Data Centre Career Planning Tool (DCPT)
IT Career Planning Tool (ITCPT)

 

Copyright EPI Singapore 2024      | Privacy Policy | Terms & Conditions

Message Us