The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to reduce network risk. Progent can provide the services of a CRISC-certified consultant to help you create and implement a business continuity or disaster recovery plan based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. These risk management services are complementary to the services available from Progent's CISA-certified consultants for objectively auditing your IS control design and operational effectiveness and with the services of Progent's CISM-certified experts for assessing your network security profile or implementing company-wide security.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk mitigation:

  • Risk identification, assessment, and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance.
Progent offers a comprehensive selection of consulting services for each of the risk mitigation defined by CRISC.

Risk Identification, Assessment, and Evaluation
This area of risk mitigation covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Analyze risk scenarios to determine their impact on your business goals.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Response
This area of risk mitigation involves developing and implementing risk responses to ensure that risk factors and events are handled cost-effectively and in line with your business goal. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk Monitoring
This area of risk mitigation addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to your relevant stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
Information Systems Control Design and Implementation
This area of risk mitigation deals with designing and implementing information systems controls that align with your organizationís risk appetite and tolerance levels to support business objectives. Related consulting services offered by Progent include:
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Analyze and document your business process objectives and design to identify required IS controls.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Monitor your information systems control design and implementation process to make sure it is implemented effectively and within time, budget, and scope.
  • Provide progress reports on the implementation of your information systems controls to inform your stakeholders and to make sure deviations are addressed quickly.
  • Test your information systems controls to verify their effectiveness and efficiency before they are implemented.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Evaluate and recommend tools to automate your information systems control processes.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management
IS Control Monitoring and Maintenance
This area of risk mitigation focuses on monitoring and maintaining your IS controls to make sure they function effectively and efficiently. Progent's consulting services in this area include:
  • Plan, supervise, and conduct testing to confirm continuous efficiency and effectiveness of your IS controls.
  • Collect information and review documentation to identify IS control deficiencies.
  • Review your IS policies, standards, and procedures to make sure they address your company's internal and external requirements.
  • Assess and recommend tools and techniques to automate your IS control verification processes.
  • Evaluate the current state of your IS processes using a maturity model to identify the gaps between current and targeted process maturity.
  • Determine how to correct IS control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and fixed.
  • Maintain adequate evidence to support conclusions on the completeness and operating effectiveness of your IS controls.
  • Provide IS control status reporting to your relevant stakeholders to help them make informed decisions.
Other Zero-Downtime Solutions Offered by Progent's Experts
Progent's certified support professionals can assist you to design an affordable, high-availability system that addresses key problems encompassing a wide array of networking technologies and processes including:

Business Continuity Planning
Progent's disaster recovery planning engineers can show you how to create a workplace recovery plan that will allow you to resume network operations in case of an information network catastrophe. Progent can help you to create a complete disaster recovery strategy that includes scheduled disaster recovery assessments and drills. Progent's Microsoft and Cisco-certified engineers can also help you build an affordable, fault-tolerant network solution that takes into account availability issues involving a wide range of infrastructure technologies and procedures. To read more, go to Workplace Recovery Consulting and Support Services.

Fully Managed Cloud Backup: ProSight Data Protection Services
ProSight Data Protection Services from Progent offer small and mid-sized organizations an affordable and fully managed solution for reliable backup/disaster recovery. For a low monthly price, ProSight Data Protection Services automates your backup processes and allows rapid restoration of critical data, applications and virtual machines that have become lost or corrupted due to component failures, software glitches, disasters, human mistakes, or malware attacks such as ransomware. ProSight DPS can help you protect, retrieve and restore files, folders, applications, system images, as well as Hyper-V and VMware virtual machine images. Critical data can be backed up on the cloud, to an on-promises device, or to both. Progent's BDR specialists can provide advanced expertise to set up ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPPA, FINRA, PCI and Safe Harbor and, when necessary, can help you to recover your critical data. Read more about ProSight DPS Managed Cloud Backup.

Microsoft Windows Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity experts can help you to design a DR system based on Microsoft's cloud-tested Failover Clustering technologies such as Cluster OS Rolling Upgrade for non-disruptive migration to Windows Server 2016, Storage Replica for crash-consistent recovery, Storage Spaces Direct for enterprise-class network-attached storage using commodity hardware, Virtual Machine Load Balancing for improving the performance and fault-tolerance of Failover Clusters while minimizing TCO and operational expenses, and Cloud Witness for easy, economical creation of a stretch cluster quorum arbitration point. To learn more, go to Microsoft Windows Server 2016 Disaster Recovery and Business Continuity Expertise.

Microsoft Windows Server 2012 Failover Clustering
Microsoft Windows Server 2008 R2 introduced enterprise-class availability and recoverability to Microsoft's clustering solution. Microsoft Windows Server 2012 R2 builds on this foundation and delivers important new and enhanced features that offer more scalability, better storage availability for server applications, easier management, quicker failover, and additional flexibility for designing clusters. To find out more, visit Windows Server 2012 R2 Failover Clustering Consulting and Support.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager (SRM) is a component of VMware vCenter that lets you orchestrate, automate and verify a repeatable process for restoring applications and services quickly following a breakdown. Site Recovery Manager supports centrally controlled and automated recovery, application mobility, and non-disruptive site migration, failback and re-protect. Site Recovery Manager also allows transparent testing for site recovery, upgrades and fixes and can produce reports to verify full service restoration, validate SLAs and demonstrate compliance. Progent can provide the support of a VCDX certified VMware Site Recovery Manager consultant to assist your organization to plan, deploy, test and maintain a disaster recovery solution powered by VMware Site Recovery Manager.

NetApp MetroCluster High Availability and Disaster Recovery Technology
NetApp MetroCluster is a disaster recovery platform that uses array-based storage clustering with replication to deliver rapid, zero RPO disaster recovery (DR) between sites located as far as 185 miles away from one another. Progent offers the skills of a NetApp MetroCluster expert who can assist you to plan, configure, administer, update, test and troubleshoot a disaster recovery solution based on NetApp MetroCluster. Progent can assist you to choose a topology for your MetroCluster deployment that aligns with your technical needs and budget. Progent can ensure you adhere to best practices for installing your MetroCluster solution by providing guidance with procedures like assigning shelf IDs, determining aggregate and plexes layout, setting up NetApp FlexVol volumes, setting up NetApp Snapshot, installing Cisco and Brocade switches, designing a tiebreaker mechanism, setting up a TCP/IP configuration replication network between your peered clusters, and testing your DR system to show adherence with information assurance standards and regulatory mandates.

High Availability Load Balancing
Progent offers fault tolerant load balancing support covering network load balancing, load balanced applications, network backbone routing, and content dispatching technology including Cisco Content Engine. High availability load balancing products for which Progent can provide consulting expertise include Microsoft Windows 2003 and 2008 Server Network Load Balancing Manager, Citrix Metaframe and Access Gateway, Cisco Content Services Switch, Cisco Content Engine and Cisco CDN Software, and F5 Networks 3-DNS. For details, visit Fault Tolerant Load Balancing.

Zero Downtime Internet Data Centers
Progent's Data Center engineers can help you select fault-tolerant data centers that match the specific requirements of your company. High availability Internet Data Centers are especially attractive to small and mid-size organizations due to of their affordability and simplified logistics compared to taking a do-it-yourself strategy. Trying to design an in-house data center that offers even a minimum degree of fault tolerance is financially prohibitive for typical small organizations. Progent can show you how to reap all the benefits of 24x7 data centers by providing a complete array of engineering and maintenance services. To read more, visit Non-stop Data Centers Expertise.

High-Availability Interoffice Connectivity
Progentís branch office network infrastructure consultants can help organizations create zero-downtime inter-site connections via redundant system architectures with transparent failover. Progentís Cisco-certified CCIE network engineers can design and implement fault-tolerant Inter-office connections based on non-stop EIGRP network routers or non-stop OSPF deployment of Cisco routers. Progent can show you how multi-path connections and transparent fail-over can provide affordable non-stop interoffice networking. To read more, see Failsafe Inter-office Networking.

Non-stop Internet Access
Progent's Cisco-certified IT engineers can show you how to create an affordable, high availability Internet configuration solution that can deliver 24x7 Internet connectivity through a wide range of high availability Internet network solutions including fault tolerant BGP, automatic fail-over, and redundant ISPs. Progent can provide Cisco Certified Internetwork Expert professionals to help you utilize the latest techniques for 24x7 Internet connections to create a cost-effective, fully redundant Internet network with automatic failover and other features to deliver zero-downtime Internet connections. For more information, see High Availability Internet Access Solutions.

Backup and Restore Technology Consulting and Support Services
Progent can provide affordable remote support from engineers with expertise in a broad array of products and services that deliver solutions for backing up Microsoft Windows, Apple Mac, and Linux/UNIX servers and desktops as well as laptops and smartphones. Progent offers help for all major data protection platforms such as Acronis Backup and Recovery, Symantec Backup Exec, BackupAssist, CrashPlan, Double-Take Backup, Mozy, Retrospect for Macintosh, Apple Time Machine, VMware vSphere Data Protection (VDP), and Solaris FLARs. Progent can help your company to implement, enhance, or troubleshoot data backup solutions for a range of environments including on-premises, remote, cloud-based, or hybrid. To read more, see Backup and Recovery Technology Consulting and Support Services.

Microsoft System Center Data Protection Manager (SCDPM) Backup and Recovery Consulting
Progent's certified System Center Data Protection Manager consultants can assist your company to develop an effective workplace recovery plan, design a cost-effective high-availability network infrastructure, deploy a SCDPM-based backup and restore solution, comprehensively test your system, educate your IT personnel or regular consultants how to manage Microsoft System Center Data Protection Manager, or provide complete IT support outsourcing such as off-site hosting of virtual or physical SCDPM servers in Progent's secure data center. To read more, see System Center Data Protection Manager (SCDPM) Expertise.

Consulting for Double-Take Solutions for Data Backup
Double-Take publishes a family of products intended to deliver small companies a variety of affordable solutions for replicating and restoring vital workloads such as Microsoft Exchange, Microsoft SQL, Blackberry, and Microsoft SharePoint. Progentís disaster recovery planning experts have in-depth backgrounds integrating Double-Take Software products into small business information networks to achieve a high level of fault tolerance and business continuity capability at an affordable cost. To read more, go to Consulting Services Double-Take Software for Data Backup.

Why Choose Progent for Disaster Recovery/Business Continuity Planning?
Because Progent is a Microsoft Gold Partner and offers professional application consulting for a broad range of small business applications, Progent can assist customers to find comprehensive IT solutions that maximize the business value of your IT network. As a Registered Partner for Cisco, Progent offers the services of certified consultants and specialists with experience in architecting, implementing and maintaining infrastructure environments built on Cisco products. The depth and breadth of Progent's IT know-how and Progent's appreciation for the requirements of small and midsize companies make Progent a great resource for creating and running an affordable, fault-tolerant information system.

How You Can Contact Progent's Consultants for Disaster Recovery Planning Support
In order to ask Progent about engineering support for business continuity solutions, phone 1-800-993-9400 or go to Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.

More topics of interest: