DVMS Cyber Resilience Professional - Practitioner

Participants should have:

• A foundational understanding of cybersecurity, IT service management (ITSM), governance, or risk management principles.
• Experience working in cross-functional teams that manage or support technology-enabled business services.
• Completion, and exam pass of the DVMS Cyber Resilience Professional Foundation certification

Target audience

This course is designed for:

• ITSM, GRC, cybersecurity, and business professionals responsible for designing, implementing, or operating integrated governance and resilience systems.
• Practitioners seeking to develop strategic, adaptive, and culture-driven approaches to managing cyber risk.
• Professionals involved in compliance, operational resilience, or enterprise assurance programmes aligned with government or regulatory standards.

By the end of this course, participants will be able to:

• Apply systems thinking and practitioner-level decision-making to manage digital value and risk.
• Build and operate an integrated DVMS Governance, Resilience, and Assurance System® that aligns strategy, risk, and culture.
• Map frameworks such as NIST CSF, ISO, and ITSM into a unified model of continual improvement.
• Design and validate Minimum Viable Capabilities (MVCs) that enhance organisational resilience and agility.
• Use Goal–Question–Metric (GQM) and QO–QM frameworks to align governance metrics with strategic outcomes.
• Assess cultural maturity and innovation readiness using the Digital Value Capability Maturity Model (DVCMM).
• Synthesize course concepts into a measurable, improvement-driven practitioner plan through a capstone project.

Practitioner foundations

• Transitioning from compliance-driven to practitioner mindsets.
• Developing adaptive and proactive decision-making in cybersecurity operations.
• Understanding and applying the 3D Knowledge Model (X, Y, and Z axes) for mapping dependencies and cultural impact.
• Using inquiry and diagnostic questions to reveal risks, assumptions, and dependencies.
• Unifying strategy and risk thinking to eliminate organisational silos and strengthen alignment.

Systems thinking and operational integration

• Understanding system structure, behaviour, and culture in cybersecurity environments.
• Applying systems tools such as causal loops, iceberg models, and behaviour-over-time graphs.
• Integrating strategy-risk concepts into daily operational practices.
• Using the Create–Protect–Deliver (CPD) model to analyse workflows and assurance loops.
• Aligning NIST CSF core functions with CPD and MVC for consistent execution.
• Employing adversarial modelling to anticipate and mitigate threats through use and misuse cases.

Governance, capabilities, and measurement

• Positioning DVMS as a governance overlay linking strategic intent with operational execution.
• Applying and adapting the seven Minimum Viable Capabilities (MVCs) across digital workflows.
• Using the Z-axis of the 3D Knowledge Model to identify cultural barriers to governance.
• Implementing Goal–Question–Metric (GQM) and QO–QM frameworks to define meaningful metrics.
• Applying the FastTrack™ approach to deploy capabilities based on maturity and cultural readiness.
• Structuring cross-functional risk teams for continuous governance integration and collaboration.

Innovation, maturity, and adaptation

• Differentiating between incremental, sustaining, adaptive, and disruptive innovation.
• Mapping feedback loops to drive cultural learning and nonlinear adoption.
• Applying the Digital Value Capability Maturity Model (DVCMM) to benchmark capability levels (0–3).
• Linking Govern and Assure functions to maturity and capability development.
• Synthesising systems thinking, governance, measurement, and culture into an improvement framework.

Integration, improvement, and mastery

• Designing feedback mechanisms for single- and double-loop learning.
• Embedding continual improvement and innovation into the governance cycle.
• Integrating DVMS, GQM/QO–QM, and cultural diagnostics into unified operational systems.
• Applying all models in a capstone project to address a real-world cyber resilience challenge.
• Developing actionable plans for improving cultural maturity, resilience, and assurance.

Exams and assessments

• Format: Online, proctored, open-book examination.
• Duration: 150 minutes (2.5 hours).
• Structure: 65 multiple-choice questions (one correct answer each).
• Scoring: 65 total points; passing score 39 (60%).
• Focus: Application, analysis, and evaluation at Bloom’s Levels 3–5.
• Permitted resources: Course book, slides, and case study materials (unaltered).
• Outcome: Pass/Fail; successful candidates earn the DVMS Cyber Resilience Professional Practitioner certification.

Hands-on learning

This course integrates applied learning through:

• Real-world case studies and use/misuse exercises.
• Systems mapping and workflow analysis using CPD and MVC models.
• Collaborative group discussions on governance integration and cultural adaptation.
• A capstone synthesis project linking all frameworks to measurable business outcomes.