The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to reduce network risk. Progent can provide the services of a CRISC-certified consultant to help you create and implement a business continuity or disaster recovery plan based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. These risk management services are complementary to the services available from Progent's CISA-certified consultants for objectively auditing your IS control design and operational effectiveness and with the services of Progent's CISM-certified experts for assessing your network security profile or implementing company-wide security.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk mitigation:

  • Risk identification, assessment, and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance.
Progent offers a comprehensive selection of consulting services for each of the risk mitigation defined by CRISC.

Risk Identification, Assessment, and Evaluation
This area of risk mitigation covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Analyze risk scenarios to determine their impact on your business goals.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Response
This area of risk mitigation involves developing and implementing risk responses to ensure that risk factors and events are handled cost-effectively and in line with your business goal. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk Monitoring
This area of risk mitigation addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to your relevant stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
Information Systems Control Design and Implementation
This area of risk mitigation deals with designing and implementing information systems controls that align with your organizationís risk appetite and tolerance levels to support business objectives. Related consulting services offered by Progent include:
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Analyze and document your business process objectives and design to identify required IS controls.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Monitor your information systems control design and implementation process to make sure it is implemented effectively and within time, budget, and scope.
  • Provide progress reports on the implementation of your information systems controls to inform your stakeholders and to make sure deviations are addressed quickly.
  • Test your information systems controls to verify their effectiveness and efficiency before they are implemented.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Evaluate and recommend tools to automate your information systems control processes.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management
IS Control Monitoring and Maintenance
This area of risk mitigation focuses on monitoring and maintaining your IS controls to make sure they function effectively and efficiently. Progent's consulting services in this area include:
  • Plan, supervise, and conduct testing to confirm continuous efficiency and effectiveness of your IS controls.
  • Collect information and review documentation to identify IS control deficiencies.
  • Review your IS policies, standards, and procedures to make sure they address your company's internal and external requirements.
  • Assess and recommend tools and techniques to automate your IS control verification processes.
  • Evaluate the current state of your IS processes using a maturity model to identify the gaps between current and targeted process maturity.
  • Determine how to correct IS control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and fixed.
  • Maintain adequate evidence to support conclusions on the completeness and operating effectiveness of your IS controls.
  • Provide IS control status reporting to your relevant stakeholders to help them make informed decisions.
Other Zero-Downtime Technologies Offered by Progent's Experts
Progent's Microsoft and Cisco-certified engineers can assist your business to design a cost-effective, fault-tolerant environment that resolves major issues encompassing a broad range of infrastructure solutions and operations such as:

Disaster Recovery Planning
Progent's business continuity engineers can help you design a workplace recovery strategy in order to restore network functionality in case of an information system catastrophe. Progent can assist you to create a complete disaster recovery plan that includes scheduled disaster recovery assessments and drills. Progent's Microsoft and Cisco-certified consultants can also show you how to build an affordable, high-availability system solution that addresses reliability issues covering a broad range of infrastructure technologies and processes. To find out more, go to Business Continuity Expertise.

High Availability Internet Access
Progent's Cisco-authorized IT experts can show you how to build an affordable, fault tolerant Internet configuration architecture that can deliver non-stop Internet access via a broad array of high availability Internet access technologies including fault tolerant BGP, transparent fail-over, and multiple ISPs. Progent offers CCIE professionals to show you how to utilize the most advanced techniques for fault tolerant Internet access to implement an affordable, completely redundant Internet interface with automatic failover and other features to deliver fault tolerant Internet access. To read more, go to High Availability Internet Connectivity Architecture.

Microsoft Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity experts can help your organization to design a DR system built around Microsoft's cloud-tested Failover Clustering technologies including Cluster OS Rolling Upgrade for non-intrusive migration to Windows Server 2016, Storage Replica for zero-data-loss Recovery Point Objective (RPO), Storage Spaces Direct for enterprise-class network-attached storage using commodity equipment, Virtual Machine Load Balancing for enhancing the speed and resilience of Failover Clusters while reducing capital investment and management overhead, and Cloud Witness for easy, affordable deployment of a stretch cluster quorum witness. For details, go to Microsoft Server 2016 Disaster Recovery and Business Continuity Help.

Microsoft Server 2012 Failover Clusters
Windows Server 2008 R2 brought world-class fault tolerance and recoverability to Microsoft's clustering solution. Windows Server 2012 R2 adds to this technology and delivers significant enhancements offering increased scalability, better storage availability for server applications, simpler management, faster automatic failover, and more options for architecting clusters. For more information, visit Windows Server 2012 R2 Failover Clustering Consulting Services.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager is a component of VMware vCenter that allows you to specify, automate and test a consistent runbook for recovering applications and services quickly following a breakdown. Site Recovery Manager provides centrally managed and automated disaster recovery, application mobility, plus non-intrusive site relocation, failback and re-protect. SRM also enables non-disruptive testing for site recovery, updates and patches and can generate reports to confirm full service restoration, validate Service Level Agreements and prove compliance. Progent offers the support of a VCDX certified VMware SRM consulting expert to help your organization to plan, deploy, test and manage a disaster recovery system powered by VMware SRM.

NetApp MetroCluster Disaster Recovery Technology
NetApp MetroCluster is a disaster recovery software suite that uses array-based storage clustering along with continual replication to provide rapid, zero RPO disaster recovery (DR) between datacenters that are as far as 185 miles away from one another. Progent can provide the skills of a NetApp MetroCluster consultant who can help you to design, deploy, administer, update, test and troubleshoot a disaster recovery system built around NetApp MetroCluster. Progent can assist you to select a topology for your MetroCluster environment that aligns with your functional needs and IT budget. Progent can ensure you follow best practices for installing your MetroCluster environment by providing help with tasks like assigning disk pools and shelf IDs, determining plexes layout, setting up volumes, setting up NetApp Snapshot, installing Cisco and Brocade switches, designing a tiebreaker, setting up a configuration replication network, and testing your disaster recovery solution to prove adherence with industry standards and regulatory mandates.

High Availability Load Balancing
Progent offers fault tolerant load balancing consulting covering network load balancing, load balanced applications, network backbone routing, and content delivery technology such as Cisco Content Engine. Fault tolerant load balancing solutions for which Progent offers consulting services include Windows 2003 and 2008 Server Network Load Balancing Manager, Citrix Metaframe and Presentation Server, Cisco Content Services Switch, Cisco Distributed Director and Cisco CDN Software, and F5 Networks BIG-IP. To find out more, see Non-stop Load Balancing.

Non-stop Data Centers
Progent's Data Center engineers can help you select fault-tolerant data centers that meet the particular requirements of your business. Fault tolerant off-site data centers are particularly attractive to small and mid-size companies because of their low cost and convenience in comparison to pursuing a do-it-yourself approach. Trying to create an on-site data center that offers even a minimum degree of fault tolerance is too costly for most small companies. Progent is ready to help you reap all the benefits of 24x7 data centers by providing a complete array of consulting and maintenance services. For details, visit High-Availability Colocation Consulting.

24x7 Inter-office Networking
Progentís branch office network infrastructure professionals can help companies achieve zero-downtime interoffice connections by means of fully redundant networks with automatic failover. Progentís Cisco-qualified CCIE engineers can design and implement ultra-reliable Inter-office connections supported by fault tolerant EIGRP routers or non-stop OSPF configurations of Cisco routers. Progent can demonstrate how multi-path connectivity and transparent fail-over offers affordable 24x7 interoffice networking. For more information, see High-Availability Inter-office Networking.

Microsoft System Center Data Protection Manager (SCDPM) Backup and Recovery Consulting Experts
Progent's certified System Center Data Protection Manager engineers can help your company to develop a practical business continuity plan, implement a cost-effective fault-tolerante IT infrastructure, configure a Microsoft System Center Data Protection Manager-based backup and recovery system, thoroughly validate your DPM system, educate your administrative staff or local consultants how to maintain System Center Data Protection Manager, or provide extensive information technology outsourcing including off-site hosting of SCDPM servers in Progent's data center facility. To find out more, visit System Center Data Protection Manager Consulting.

Fully Managed Cloud Backup: ProSight Data Protection Services
ProSight Data Protection Services from Progent provide small and mid-sized businesses a low cost and fully managed solution for reliable backup/disaster recovery. For a fixed monthly cost, ProSight Data Protection Services automates your backup activities and allows rapid recovery of vital data, applications and VMs that have become lost or damaged due to component failures, software bugs, disasters, human error, or malware attacks like ransomware. ProSight DPS can help you protect, retrieve and restore files, folders, apps, system images, plus Hyper-V and VMware images. Critical data can be protected on the cloud, to a local device, or mirrored to both. Progent's BDR consultants can provide advanced expertise to configure ProSight Data Protection Services to to comply with regulatory requirements like IPPA, FIRPA, PCI and Safe Harbor and, when needed, can assist you to recover your business-critical information. Learn more about ProSight DPS Managed Cloud Backup.

Backup and Restore Solutions Consulting and Support Services
Progent offers economical remote support from engineers skilled in a broad range of products and services that provide solutions for backing up Windows, Apple Mac, and Linux/UNIX physical and virtual servers and desktops plus notebooks and handhelds. Progent can provide help for all major data protection products such as Acronis, Backup Exec, BackupAssist Software, CrashPlan, Double-Take Backup, MozyPro, Retrospect, Apple Time Machine, VMware vSphere Data Protection (VDP), and Oracle Solaris FLARs. Progent can help your company to design, enhance, or maintain data backup systems for a variety of topologies including local, edge to datacenter, cloud, or hybrid. To learn more, go to Backup and Restore Technology Consulting Services.

Consulting Services Double-Take Solutions for Backup and Recovery
Double-Take offers a family of tools intended to deliver small companies a range of affordable alternatives for replicating and recovering business-critical applications such as Exchange, SQL, RIM Blackberry, and Microsoft Office SharePoint. Progentís disaster recovery planning experts have in-depth experience incorporating Double-Take products into small business information systems to create a high level of availability and disaster recovery readiness at an affordable cost. To learn more, go to Consulting Services Double-Take Solutions for Data Backup.

Why Pick Progent for Disaster Recovery/Business Continuity Planning Solutions?
Because Progent is a Microsoft Gold Certified Partner and offers specialized application expertise for a wide range of business applications, Progent can assist customers to find complete IT solutions that optimize the business value of your information system. As a Registered Partner with Cisco, Progent offers the support of certified engineers and specialists with experience in architecting, implementing and maintaining infrastructure environments built on Cisco technology. The depth and breadth of Progent's technical experience and Progent's sensitivity to the requirements of small and midsize businesses make Progent the perfect resource for building and maintaining a cost-effective, high-availability network.

How to Access Progent's Consultants for Business Continuity Planning Support
In order to get in touch with Progent about technical assistance for workplace recovery planning, call 1-800-993-9400 or visit Contact Progent.

© 2002- 2017 Progent Corporation. All rights reserved.

More topics of interest: