The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to reduce network risk. Progent can provide the services of a CRISC-certified consultant to help you create and implement a business continuity or disaster recovery plan based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. These risk management services are complementary to the services available from Progent's CISA-certified consultants for objectively auditing your IS control design and operational effectiveness and with the services of Progent's CISM-certified experts for assessing your network security profile or implementing company-wide security.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk mitigation:

  • Risk identification, assessment, and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance.
Progent offers a comprehensive selection of consulting services for each of the risk mitigation defined by CRISC.

Risk Identification, Assessment, and Evaluation
This area of risk mitigation covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Analyze risk scenarios to determine their impact on your business goals.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Response
This area of risk mitigation involves developing and implementing risk responses to ensure that risk factors and events are handled cost-effectively and in line with your business goal. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk Monitoring
This area of risk mitigation addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to your relevant stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
Information Systems Control Design and Implementation
This area of risk mitigation deals with designing and implementing information systems controls that align with your organizationís risk appetite and tolerance levels to support business objectives. Related consulting services offered by Progent include:
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Analyze and document your business process objectives and design to identify required IS controls.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Monitor your information systems control design and implementation process to make sure it is implemented effectively and within time, budget, and scope.
  • Provide progress reports on the implementation of your information systems controls to inform your stakeholders and to make sure deviations are addressed quickly.
  • Test your information systems controls to verify their effectiveness and efficiency before they are implemented.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Evaluate and recommend tools to automate your information systems control processes.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management
IS Control Monitoring and Maintenance
This area of risk mitigation focuses on monitoring and maintaining your IS controls to make sure they function effectively and efficiently. Progent's consulting services in this area include:
  • Plan, supervise, and conduct testing to confirm continuous efficiency and effectiveness of your IS controls.
  • Collect information and review documentation to identify IS control deficiencies.
  • Review your IS policies, standards, and procedures to make sure they address your company's internal and external requirements.
  • Assess and recommend tools and techniques to automate your IS control verification processes.
  • Evaluate the current state of your IS processes using a maturity model to identify the gaps between current and targeted process maturity.
  • Determine how to correct IS control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and fixed.
  • Maintain adequate evidence to support conclusions on the completeness and operating effectiveness of your IS controls.
  • Provide IS control status reporting to your relevant stakeholders to help them make informed decisions.
Additional Zero-Downtime Solutions Provided by Progent
Progent's Microsoft and Cisco engineers can help you to create a cost-effective, fault-tolerant system that addresses major issues encompassing a wide array of networking solutions and operations such as:

Disaster Recovery Planning
Progent's disaster recovery engineers can show you how to create a disaster recovery strategy that will allow you to restore IT operations in the event of an information system catastrophe. Progent can assist you to create a complete disaster recovery strategy that includes scheduled disaster recovery evaluations and testing. Progent's Microsoft and Cisco-authorized engineers can also help you create an affordable, zero-downtime network solution that takes into account reliability issues involving a wide range of infrastructure technologies and processes. To read more, visit Workplace Recovery Expertise.

Fault Tolerant Internet Connectivity
Progent's Cisco-authorized network experts can show you how to create an affordable, high availability Internet configuration solution that can achieve 24x7 Internet connectivity via a broad range of fault tolerant Internet network technologies including fault tolerant BGP, transparent fail-over, and multiple ISPs. Progent can provide CCIE consultants to show you how to apply the latest technology for high availability Internet access to implement an economical, fully redundant Internet interface with automatic failover and other features to deliver non-stop Internet availability. For details, see 24x7 Internet Access Solutions.

Windows Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity experts can assist you to design a disaster recovery system based on Microsoft's most advanced Failover Clustering tools including Cluster Operating System Rolling Upgrade for non-disruptive migration to Windows Server 2016, Storage Replica for zero-data-loss Recovery Point Objective (RPO), Storage Spaces Direct for high-performance network-attached storage using industry-standard hardware, VM Load Balancing for improving the performance and fault-tolerance of Failover Clusters while reducing TCO and operational expenses, and Cloud Witness for fast, economical creation of a stretch cluster quorum arbitration point. For details, visit Windows Server 2016 Disaster Recovery Help.

Microsoft Windows Server 2012 Failover Clustering
Windows Server 2008 R2 brought enterprise-class fault tolerance and recoverability to Microsoft's clustering platform. Microsoft Windows Server 2012 R2 adds to this foundation and delivers important improvements that offer more expandability, non-stop storage uptime for server applications, easier management, quicker failover, and more options for architecting clusters. For details, go to Windows Server 2012 Clustering Migration and Support.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager is a component of VMware vCenter that allows you to define, automate and verify a repeatable runbook for recovering applications and services rapidly after a breakdown. Site Recovery Manager provides centrally managed and automated recovery, application mobility, plus transparent site migration, failback and re-protect. Site Recovery Manager also allows non-intrusive testing for site recovery, updates and fixes and can generate audit reports to verify full service recovery, validate Service Level Agreements and prove compliance. Progent can provide the support of a VCDX certified VMware SRM consultant to assist you to design, configure, test and administer a DR solution based on VMware SRM.

NetApp MetroCluster High Availability and Disaster Recovery Platform
NetApp MetroCluster is a high-availability and disaster recovery software suite that uses failover storage clustering along with continual replication to deliver fast, zero RPO disaster recovery between datacenters located up to 185 miles apart from each other. Progent can provide the skills of a certified NetApp MetroCluster consultant who can assist you to design, configure, administer, update, test and repair a disaster recovery solution built around NetApp MetroCluster. Progent can assist you to select an architecture for your MetroCluster deployment that aligns with your technical needs and IT budget. Progent can ensure you follow leading practices for installing your MetroCluster environment by providing help with tasks such as assigning disk pools and shelf IDs, arranging plexes layout, setting up volumes, setting up Data ONTAP configuration replication service, provisioning Cisco and Brocade switches, designing a tiebreaker, setting up a TCP/IP configuration replication network between your peered clusters, and verifying your MetroCluster DR solution to verify compliance with information assurance standards and government mandates.

High Availability Load Balancing
Progent provides fault tolerant load balancing support that addresses network load balancing, load balanced programs, LAN/WAN infrastructure routing, and content dispatching products such as F5 Networks 3DNS. High availability load balancing products for which Progent offers consulting expertise include Microsoft Windows Server 2003 and 2008 Network Load Balancing Manager, Citrix Metaframe and Access Gateway, Cisco CSS, Cisco Content Distribution Manager and ACNS, and F5 Networks BIG-IP. For more information, go to High Availability Load Balancing.

High-Availability Colocation
Progent's Data Center engineers can help you find fault-tolerant data centers that meet the specific requirements of your business. High availability Internet Data Centers are particularly appealing to small and mid-size businesses due to of their low cost and simplified logistics compared to pursuing a do-it-yourself strategy. Attempting to create an in-house data center that offers even a minimum level of fault tolerance is financially prohibitive for the majority of small companies. Progent is ready to help you get all the advantages of non-stop Internet data centers by offering a full range of engineering and maintenance services. To find out more, go to Fault Tolerant Internet Data Centers Consulting.

24x7 Branch Office Networking
Progentís interoffice connection consultants can help organizations create fault tolerant multi-site connectivity by means of redundant system architectures with transparent failover. Progentís Cisco-certified CCIE network engineers can design and implement ultra-reliable Inter-office connections supported by fault tolerant EIGRP routers or non-stop OSPF configurations of Cisco routers. Progent can demonstrate how multi-path connectivity and transparent fail-over offers economical non-stop interoffice connectivity. For details, see High-Availability Inter-office Connectivity.

System Center Data Protection Manager (SCDPM) Data Recovery Consulting Services
Progent's expert System Center Data Protection Manager engineers can help your company to create a practical disaster recovery strategy, design a cost-effective zero-downtime IT architecture, install a SCDPM-powered backup and restore solution, comprehensively test your system, educate your IT personnel or local service providers how to manage SCDPM, or provide extensive information technology outsourcing such as off-site housing of Microsoft SCDPM machines in Progent's data center facility. For more information, visit System Center Data Protection Manager Consulting and Support Services.

Managed Offsite DPM-based Backup Service
Progentís affordably priced Offsite Data Protection Manager Backup Service combines the power of Microsoft Data Protection Manager with the state-of-the-art security and availability features of the QTS Internet Data Center in Sacramento, California to deliver continual, transparent backup for as much as 2.5 Terabytes of data from one or several of your Windows-powered servers. Progent's service package includes all setup, management, and monitoring needed for a complete offsite data backup system. To learn more, see Fully Managed Offsite Data Protection Manager Backup Service.

Backup and Recovery Technology Consulting
Progent can provide economical online access to IT engineers with expertise in a wide array of products and technologies that deliver solutions for protecting Microsoft Windows, Apple Mac, and Linux/UNIX physical and virtual servers and workstations as well as laptops and handhelds. Progent offers consulting support for all major backup platforms such as Acronis, Symantec Backup Exec, BackupAssist, CrashPlan, Double-Take Backup, MozyPro, Retrospect, Apple Time Machine, VMware vSphere Data Protection (VDP), and Solaris FLARs. Progent can assist you to design, upgrade, or troubleshoot backup/restore systems for a range of architectures including on-premises, remote, cloud-based, or hybrid. For details, visit Backup and Restore Solutions Consulting Services.

Consulting Services Double-Take Software for Data Backup and Recovery
Double-Take offers a family of tools designed to deliver small and midsize companies a range of cost-effective solutions for backing up and recovering business-critical applications such as Exchange, Microsoft SQL Server, RIM Blackberry, and Microsoft Office SharePoint. Progentís disaster recovery planning consultants have in-depth experience integrating Double-Take Software technology into small business information networks to achieve an advanced state of fault tolerance and disaster recovery capability at a budget-friendly cost. To read more, see Consulting Services Double-Take Solutions for Backup.

Why Choose Progent for Disaster Recovery/Business Continuity Planning Solutions?
Since Progent is a Microsoft Gold Partner and provides high-level application expertise for a broad range of business software programs, Progent can assist clients to arrive at comprehensive IT solutions that maximize the business value of your IT network. As a Registered Partner for Cisco, Progent offers the support of certified engineers and specialists with expertise in designing, implementing and managing infrastructure environments based on Cisco products. The broad scope of Progent's IT know-how and Progent's familiarity with the needs of small companies make Progent the perfect resource for creating and running a cost-effective, high-availability information system.

How to Contact Progent's Experts for Disaster Recovery Solutions Help
If you wish to get in touch with Progent about technical assistance for workplace recovery solutions, phone 1-800-993-9400 or refer to Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.

More topics of interest: