Overview of the Global Resilience Federation, Operational Resiliency Framework and CMM.

Guidelines that ensure the continuity and recovery of critical data, systems, and processes.

FREE Training Course

With continued support from industry, government, and regulatory bodies, and with contributions from the members of GRF’s Business Resilience Council, the Operational Resilience Framework rules will be reviewed annually and updated as required. The implementation aids in the section above will be developed, reviewed, published, and updated periodically. Products and supporting documents will be developed to simplify adoption and support implementation by organizations of any size. We are looking for support for all these efforts. Please reach out to [email protected] to volunteer for our working groups.

The measurements in the training are examples. We can tailor the measures to fit an organization's specific context and goals. They serve as indicators to assess the maturity level within each capability area. Regular assessments and evaluations against these measurements can help track progress, identify gaps, and prioritize efforts to ensure regular review of goals and objectives for updating as required to address disruption or impairment.

A capability maturity model for implementing industry-recognized risk management, information technology, and cybersecurity control frameworks can help assess the organization's maturity in these areas.

The following instructional videos go through each G.R.F. control, looking at each maturity level for each control. The controls are in the files included in the training. As a reminder, this is not a G.R.F. endorsed training but takes directly from G.R.F. content creating a maturity model shared with the G.R.F.. Some of the control levels may have duplicative Level measurements and duplicative implementation strategies to some degree. Be sure to download the artifacts for the maturity model.


Your Instructor


Treadstone 71
Treadstone 71

Treadstone 71 is a woman and veteran-owned small business exclusively focused on cyber and threat intelligence consulting, services, and training. We are a pure-play intelligence shop.

Training dates and locations here

Since 2002, Treadstone 71 delivers intelligence training, strategic, operational, and tactical intelligence consulting, and research. We provide a seamless extension of your organization efficiently and effectively moving your organization to cyber intelligence program maturity. Our training, established in 2008, follows intelligence community standards as applied to the ever-changing threat environment delivering forecasts and estimates as intelligence intends. From baseline research to adversary targeted advisories and dossiers, Treadstone 71 products align with your intelligence requirements. We do not follow the create once and deliver many model. We contextually tie our products to your needs. Intelligence is our only business.

  • We use intuition, structured techniques, and years of experience.
  • We supply intelligence based on clearly defined requirements.
  • We do not assign five people to do a job only one with experience.
  • We do not bid base bones only to change order you to overspending.
We do not promise what we cannot deliver. We have walked in your shoes. We understand your pressures.

We are known for our ability to:

  • Anticipate key target or threat activities that are likely to prompt a leadership decision.
  • Aid in coordinating, validating, and managing collection requirements, plans, and activities.
  • Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives as related to designated cyber operations warning problem sets.
  • Produce timely, fused, all-source cyber operations intelligence and indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).
  • Provide intelligence analysis and support to designated exercises, planning activities, and time-sensitive operations.
  • Develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or no precedent exists.
  • Recognize and mitigate deception in reporting and analysis.
    Assess intelligence, recommend targets to support operational objectives.
  • Assess target vulnerabilities and capabilities to determine a course of action.
  • Assist in the development of priority information requirements.
  • Enable synchronization of intelligence support plans across the supply chain.
  • ...and Review and understand organizational leadership objectives and planning guidance non-inclusively.

Course Curriculum


  Operational Resiliency Framework Overview
Available in days
days after you enroll
  Summary & Quiz
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts when you enroll. Timeframe to complete the course depends on the number of lectures, assignments, and student availability. Meaning, we are flexible.

Get started now!