Description

A focused course, tailored for you

Building the Independent Business Continuity and Resilience Consulting Practice (ISO 22301 + BIA + DORA + Operational Resilience + AI Risk + Engagement Economics)

Build the independent business continuity and resilience consulting practice in 10 weeks. ISO 22301 + BIA + DORA + operational resilience + AI risk + engagement economics.

Independent business continuity consultants compete with Big4 resilience practices on regulated-sector engagements. Clients ask for modern BIA methodology, ISO 22301 alignment, DORA integration for FS, operational resilience under multi-regulator frameworks, AI-risk integration, and engagement economics that work. Consultants who build the modern practice take the senior work. Here is the 10-week build.

$199 one-time

Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Independent business continuity and resilience consultants (boutique resilience practices, solo BCP practitioners, mid-tier resilience firms, fractional Chief Resilience Officers) compete with Big4 resilience practices (the firm Resilience, the firm Resilience, the firm Resilience, the firm Resilience) and specialist firms on regulated-sector engagements.

Clients (FS firms under EU DORA, banks under Fed SR 17-7 and OCC heightened standards and BoE Operational Resilience and APRA CPS 230, insurers under NAIC and EIOPA, telcos under NIS2, energy firms under CER and NIS2, healthcare under HIPAA and EU MDR/IVDR, public sector under FedRAMP and CISA expectations) ask for modern BIA methodology (impact-tolerance setting, severe-but-plausible scenario testing, third-party-criticality assessment), ISO 22301:2019 alignment (with attestation pathway), DORA integration for FS (ICT-risk management, ICT incident management and reporting, digital operational resilience testing including TIBER-EU, ICT third-party risk management, information-sharing arrangements), operational resilience under multi-regulator frameworks, AI-risk integration (AI-system continuity, AI vendor concentration, AI failure-mode scenarios), and engagement economics that work for independent practice.

Consultants who build the modern practice take the senior work. Consultants who stay on classic 'tabletop-exercise + BIA spreadsheet' patterns watch the senior work shift to peers.

This course teaches the 10-week build of the independent business continuity and resilience consulting practice: BIA methodology, ISO 22301 alignment, DORA integration, operational resilience framework, AI-risk integration, engagement economics, and the client engagement model. Twelve modules with deliverables. Plus a hand-built implementation playbook for your specific practice and client mix.

What you walk away with

A documented BIA methodology.
An ISO 22301 alignment framework.
A DORA integration framework.
An operational resilience framework.
An AI-risk integration framework.
An engagement economics framework.
A client engagement model.
A 10-week build plan.

The 12 modules

Module 1. Business continuity and resilience landscape 2026

Detailed walkthrough of the BC and resilience landscape in 2026: EU DORA (effective January 2025), BoE Operational Resilience (effective March 2025), APRA CPS 230 (effective July 2025), Fed SR 17-7 ICT third-party risk, OCC heightened standards, EU NIS2 (effective October 2024), EU CER, ISO 22301:2019 BCMS, ISO 22317 BIA, ISO 22398 exercises, ISO 31000 risk management overlap, NIST SP 800-34 contingency planning, and the strategic-level decisions facing independent consultants.

Module 2. BIA methodology

Build the BIA methodology: critical-function identification framework, impact-tolerance setting (RTO + RPO + MTPD + financial impact tolerance), dependency-mapping framework (people + facilities + IT + third-parties + data + intellectual property), upstream and downstream dependency mapping, severity-rating framework, BIA-validation framework, BIA-update cadence, and the integration with broader risk management. Three BIA patterns at peer engagements.

Module 3. ISO 22301 alignment framework

Build the ISO 22301:2019 alignment framework: control mapping, BCMS scope-statement framework, internal-audit programme, management-review pattern, documented information framework, training and competency programme, operational-planning-and-control framework, business-continuity strategy framework, business-continuity plans framework, exercising and testing framework, evaluation framework, and the integration with broader management systems.

Module 4. DORA integration framework

Build the DORA integration framework: ICT-risk management framework (ICT-risk management framework, ICT business-continuity policy, ICT response and recovery plans), ICT-related incident management and reporting (incident classification, reporting thresholds, root-cause analysis), digital operational resilience testing (testing programme, threat-led penetration testing under TIBER-EU framework), ICT third-party risk management (vendor concentration, sub-contractor disclosure, exit), information-sharing arrangements, and the integration with broader risk management.

Module 5. Operational resilience framework

Build the operational resilience framework: critical-function identification, impact-tolerance setting per function, severe-but-plausible scenario testing (cloud-region failure, cyber attack, key-vendor failure, climate, regulatory shock, geopolitical shock), self-attestation framework (OCC + Fed + BoE + ESAs + APRA alignment), third-party-program management, and the integration with broader risk management.

Module 6. AI-risk integration framework

Build the AI-risk integration framework: AI-system continuity-of-operations framework, AI-vendor concentration risk, AI-supply-chain risk (model vendor, infrastructure vendor, data vendor), AI failure-mode scenarios (model drift, prompt-injection cascade, training-data poisoning, hallucination at scale, vendor-outage), AI human-in-the-loop continuity, AI fall-back manual procedure framework, and the integration with broader resilience.

Module 7. Crisis management framework

Build the crisis management framework: crisis-team composition, crisis-team activation framework, crisis-communication framework (internal, customer, regulator, media), crisis-decision framework, crisis-coordination framework, post-crisis-review framework, and the integration with broader executive cadence.

Module 8. Exercise programme

Build the exercise programme: tabletop-exercise framework, simulation-exercise framework, full-scale-exercise framework, red-team-exercise framework, third-party-coordinated exercise framework, exercise-evaluation framework, and the integration with broader continuous improvement. Three exercise patterns at peer engagements.

Module 9. Third-party resilience framework

Build the third-party resilience framework: third-party-criticality assessment, third-party-continuity-clause framework, third-party-testing requirement, third-party-incident-notification framework, third-party-exit framework, sub-contractor disclosure requirement, and the integration with broader vendor management.

Module 10. Engagement economics

Build the engagement economics framework: assessment-engagement structure, design-engagement structure, implementation-oversight engagement structure, exercise-engagement structure, retainer engagement structure, fractional-CRO engagement structure, sub-contractor model, AI-augmented productivity, and the practice-economics framework.

Module 11. Client engagement model

Build the client engagement model: client-CRO engagement framework, client-CIO engagement, client-CISO engagement, client-CFO engagement, client-CCO engagement, executive-business-review framework, BIA-presentation framework, and the integration with broader account management.

Module 12. Your 10-week build plan

Week-by-week plan with weekly deliverables. Weeks 1-2: business continuity and resilience landscape + BIA methodology. Weeks 3-4: ISO 22301 alignment framework + DORA integration framework. Weeks 5-6: operational resilience framework + AI-risk integration framework. Weeks 7-8: crisis management framework + exercise programme. Weeks 9-10: third-party resilience framework + engagement economics + client engagement. Deliverable: independent business continuity and resilience consulting practice.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Module 1 covers the landscape.

Module 2 produces BIA methodology.

Module 3 covers ISO 22301 alignment.

Module 4 covers DORA integration.

Module 5 covers operational resilience.

Module 6 covers AI-risk integration.

Module 7 covers crisis management.

Module 8 covers exercise programme.

Module 9 covers third-party resilience.

Module 10 covers engagement economics.

Module 11 covers client engagement.

Module 12 covers the 10-week build plan.

What you get with this course

The 12-module course delivered as text plus downloadable templates.
Templates and worked examples for BIA methodology, ISO 22301 alignment framework, DORA integration framework, operational resilience framework, AI-risk integration framework, crisis management framework, exercise programme, third-party resilience framework, engagement economics, client engagement model.
A hand-built implementation playbook generated for your specific practice and client mix.
Three worked examples of independent business continuity and resilience consulting practices at peer firms.
Scripted talking points for the client CRO and CIO engagement.

What you will have in hand by Day 1, Week 1, Month 1

Day 1: BIA methodology scaffold drafted.

Week 4: ISO 22301 + DORA designed.

Week 8: Operational resilience + AI-risk + crisis + exercise operational.

Week 10: Practice in operation.

Before and after

Before

Your independent practice loses BC engagements to Big4 resilience practices. BIA methodology is reactive. DORA integration is patchy. AI-risk integration is talked about but not deployed. Senior client work goes to peers.

After

An independent business continuity and resilience consulting practice is in operation. BIA methodology, ISO 22301 alignment framework, DORA integration framework, operational resilience framework, AI-risk integration framework, crisis management framework, exercise programme, third-party resilience framework, engagement economics, client engagement model are all designed.

What happens if you do not address this

Consultants without the modern practice lose engagements to Big4 resilience. DORA effective January 2025; BoE OR effective March 2025; APRA CPS 230 effective July 2025; NIS2 effective October 2024.

Who it is for

For independent BC consultants, principals at boutique resilience practices, senior BC professionals at mid-tier firms, fractional Chief Resilience Officers, and senior compliance leaders.

Who this is NOT for. Pure operational SOC analysts without BC scope. Consultants at firms with no resilience-advisory business. Pure tabletop-exercise vendors without methodology scope.

How it arrives

Text-based course via LMS, plus downloadable templates and worked examples and the hand-built implementation playbook.

Time investment. Roughly 18 hours of reading and 60 to 120 hours of consultant effort across the 10-week build.

Why $199 is the right number

External BC consultants (Big4 resilience practices, specialist firms like Avalution, MHA Consulting, RecoveryPlanner, Continuity Logic, Castellan, AlertMedia, Everbridge consulting, Riskonnect) charge $200K-$1M for resilience programmes. $199 buys the focused playbook plus the implementation document for your specific practice.

FAQ

Will this replace hiring a BC specialist?

Partially. It teaches the modern practice. You may still want specialist input for complex multi-jurisdictional DORA integration.

What if my clients are primarily mid-market (not enterprise)?

Modules 2 and 10 cover mid-market-anchored patterns.

Does this cover APRA CPS 230 specifically?

Modules 5 and 9 cover APRA-anchored patterns.

What about EU AI Act resilience overlay?

Module 6 covers EU AI Act resilience overlay.

What is in the implementation playbook for me specifically?

BIA methodology tailored to your specific client mix; DORA integration framework matched to your typical FS clients; a 10-week build plan.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.