The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to reduce network risk. Progent can provide the services of a CRISC-certified consultant to help you create and implement a business continuity or disaster recovery plan based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. These risk management services are complementary to the services available from Progent's CISA-certified consultants for objectively auditing your IS control design and operational effectiveness and with the services of Progent's CISM-certified experts for assessing your network security profile or implementing company-wide security.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk mitigation:

  • Risk identification, assessment, and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance.
Progent offers a comprehensive selection of consulting services for each of the risk mitigation defined by CRISC.

Risk Identification, Assessment, and Evaluation
This area of risk mitigation covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Analyze risk scenarios to determine their impact on your business goals.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Response
This area of risk mitigation involves developing and implementing risk responses to ensure that risk factors and events are handled cost-effectively and in line with your business goal. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk Monitoring
This area of risk mitigation addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to your relevant stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
Information Systems Control Design and Implementation
This area of risk mitigation deals with designing and implementing information systems controls that align with your organizationís risk appetite and tolerance levels to support business objectives. Related consulting services offered by Progent include:
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Analyze and document your business process objectives and design to identify required IS controls.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Monitor your information systems control design and implementation process to make sure it is implemented effectively and within time, budget, and scope.
  • Provide progress reports on the implementation of your information systems controls to inform your stakeholders and to make sure deviations are addressed quickly.
  • Test your information systems controls to verify their effectiveness and efficiency before they are implemented.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Evaluate and recommend tools to automate your information systems control processes.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management
IS Control Monitoring and Maintenance
This area of risk mitigation focuses on monitoring and maintaining your IS controls to make sure they function effectively and efficiently. Progent's consulting services in this area include:
  • Plan, supervise, and conduct testing to confirm continuous efficiency and effectiveness of your IS controls.
  • Collect information and review documentation to identify IS control deficiencies.
  • Review your IS policies, standards, and procedures to make sure they address your company's internal and external requirements.
  • Assess and recommend tools and techniques to automate your IS control verification processes.
  • Evaluate the current state of your IS processes using a maturity model to identify the gaps between current and targeted process maturity.
  • Determine how to correct IS control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and fixed.
  • Maintain adequate evidence to support conclusions on the completeness and operating effectiveness of your IS controls.
  • Provide IS control status reporting to your relevant stakeholders to help them make informed decisions.
Additional Zero-Downtime Technologies Offered by Progent's Consultants
Progent's Microsoft and Cisco engineers can help you to implement a cost-effective, high-availability IT architecture that resolves key problems encompassing a wide array of infrastructure solutions and operations such as:

Disaster Recovery Planning
Progent's disaster recovery planning consultants can show you how to create a disaster recovery strategy so you can restore network operations in the event of an information network disaster. Progent can help you to define a comprehensive disaster recovery strategy that incorporates scheduled disaster recovery evaluations and testing. Progent's Microsoft and Cisco-authorized professionals can also show you how to create an affordable, fault-tolerant system solution that addresses reliability issues involving a broad range of network technologies and procedures. For more information, see Workplace Recovery Consulting Services.

Managed Cloud Backup: ProSight Data Protection Services
ProSight Data Protection Services offer small and mid-sized organizations a low cost and fully managed service for reliable backup/disaster recovery. For a low monthly price, ProSight Data Protection Services automates and monitors your backup processes and allows rapid recovery of critical data, applications and virtual machines that have become lost or corrupted as a result of hardware failures, software glitches, disasters, human mistakes, or malicious attacks like ransomware. ProSight Data Protection Services can help you protect, retrieve and restore files, folders, apps, system images, plus Microsoft Hyper-V and VMware virtual machine images. Critical data can be protected on the cloud, to a local device, or to both. Progent's cloud backup specialists can deliver world-class expertise to configure ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPPA, FIRPA, and PCI and, when necessary, can help you to restore your critical data. Read more about ProSight DPS Managed Cloud Backup and Recovery.

Microsoft Windows Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity experts can help you to plan and deploy a DR solution built around Microsoft's cloud-tested Failover Clustering technologies including Cluster OS Rolling Upgrade for non-disruptive migration to Windows Server 2016, Storage Replica for crash-consistent Recovery Point Objective (RPO), Storage Spaces Direct for high-performance storage clusters using industry-standard equipment, Virtual Machine Load Balancing for improving the speed and resilience of Failover Clusters while reducing TCO and management overhead, and Cloud Witness for fast, economical creation of a failover cluster quorum arbitration point. To read more, visit Microsoft Server 2016 Disaster Recovery and Business Continuity Consulting.

Microsoft Windows Server 2012 Failover Clustering
Microsoft Windows Server 2008 R2 brought world-class fault tolerance and recoverability to Microsoft's failover clustering platform. Windows Server 2012 R2 builds on this foundation and delivers significant enhancements offering increased scalability, better disk storage uptime for server applications, simpler administration, faster automatic failover, and more options for designing failover clusters. For more information, go to Windows Server 2012 R2 Failover Clustering Migration and Support.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager is an extension to VMware vCenter that allows you to orchestrate, automate and verify a repeatable process for restoring applications and services quickly after a breakdown. SRM provides centrally managed and automated recovery, application mobility, and transparent site relocation, failback and site re-protect. SRM also supports non-disruptive testing for disaster recovery, upgrades and fixes and can produce audit reports to verify complete service recovery, validate Service Level Agreements and demonstrate compliance. Progent can provide the skills of a VCDX certified VMware SRM consultant to help your organization to design, configure, test and administer a disaster recovery solution powered by VMware Site Recovery Manager.

NetApp MetroCluster High Availability and Disaster Recovery Software
NetApp MetroCluster is a high-availability and disaster recovery platform that combines array-based storage clustering with synchronous replication to provide rapid, zero data loss disaster recovery (DR) between sites located up to 185 miles apart from each other. Progent can provide access to a NetApp MetroCluster expert who can assist you to plan, deploy, manage, update, test and troubleshoot a disaster recovery solution based on NetApp MetroCluster. Progent can help you to select a topology for your MetroCluster environment that meets your functional requirements and IT budget. Progent can make sure you adhere to leading practices for installing your MetroCluster environment by delivering guidance with tasks like assigning shelf IDs, determining aggregate layout, provisioning volumes, setting up Data ONTAP configuration replication service, installing switches, implementing a tiebreaker, setting up a TCP/IP configuration replication network between your storage clusters, and testing your disaster recovery solution to prove adherence with industry standards and government mandates.

Fault Tolerant Load Balancing
Progent offers high availability load balancing support that addresses network load balancing, load balanced applications, LAN/WAN backbone routing, and content dispatching technology including F5 Networks 3DNS. High availability load balancing products for which Progent can provide consulting services include Microsoft Windows 2003 and 2008 Server Network Load Balancing Manager, Citrix Access Suite and Presentation Server, Cisco Content Services Switch, Cisco Content Engine and ACNS, and F5 Networks BIG-IP. For more information, visit Fault Tolerant Load Balancing.

Non-stop Colocation
Progent's Data Center professionals can show you how to identify fault-tolerant data centers that meet the particular requirements of your company. Fault tolerant co-location sites are particularly attractive to small and mid-size companies because of their low cost and simplified logistics compared to taking a do-it-yourself strategy. Attempting to design an on-site data center with even a minimum degree of fault tolerance is too costly for typical small businesses. Progent can help you get all the benefits of high-availability colocation facilities by providing a full array of engineering and maintenance services. To learn more, visit High-Availability Colocation Consulting.

Non-stop Branch Office Connectivity
Progentís interoffice network infrastructure engineers can help organizations create zero-downtime inter-site connectivity by means of fully redundant system architectures featuring automatic failover. Progentís Cisco-qualified CCIE engineers can design and implement high-availability Inter-office connections based on fault tolerant EIGRP routers or non-stop OSPF configurations of Cisco routers. Progent can demonstrate how multi-path connections and automatic fail-over offers economical 24x7 interoffice connectivity. To read more, go to Failsafe Inter-office Networking.

Fault Tolerant Internet Connections
Progent's Cisco-certified IT professionals can show you how to build an affordable, high availability Internet connection solution that can deliver non-stop Internet access via a wide array of high availability Internet network solutions including non-stop BGP, automatic fail-over, and multiple Internet Service Providers. Progent can provide CCIE engineers to help you apply the most advanced technology for 24x7 Internet connectivity to create an economical, fully redundant Internet interface with automatic failover and other capabilities to create fault tolerant Internet availability. To read more, visit High Availability Internet Connectivity Solutions.

Backup and Restore Solutions Consulting Services
Progent offers affordable remote access to engineers skilled in a wide range of utilities and services that deliver solutions for protecting Windows, Mac, and Linux/UNIX servers and desktops plus laptops and handhelds. Progent can provide expertise for leading data protection platforms such as Acronis Backup and Recovery, Symantec Backup Exec, BackupAssist Software, CrashPlan PRO, Double-Take Software, Mozy, Retrospect for Macintosh, Time Machine, VMware vSphere Data Protection (VDP), and FLARs. Progent's consultants can assist your company to deploy, upgrade, or troubleshoot backup systems for a variety of topologies including on-premises, edge to datacenter, cloud, or hybrid. To read more, visit Backup and Restore Solutions Consulting Services.

Microsoft System Center Data Protection Manager (SCDPM) Backup and Recovery Consultants
Progent's expert System Center Data Protection Manager (SCDPM) support professionals can assist your company to create an effective business continuity plan, implement an affordable high-availability IT architecture, configure a Microsoft System Center Data Protection Manager-based backup and restore solution, thoroughly validate your DPM system, train your IT staff or regular service providers how to maintain SCDPM, or provide extensive IT support outsourcing including off-site housing of Microsoft System Center Data Protection Manager machines in Progent's world-class data center. For details, visit System Center Data Protection Manager Consulting and Support Services.

Altaro VM Backup Solutions for Data Protection and Disaster Recovery
Altaro VM Backup offers small organizations a reliable and budget-friendly solution for backing up and recovering Hyper-V and VMware-based virtual machines. Altaro VM Backup can be used for local, offsite, multi-site, and cloud environments and also supports low-cost backup to Microsoft Azure Block Blob storage. Headline features include state-of-the-art inline deduplication to reduce backup storage needs, Continuous Data Protection (CDP) with backup intervals as little as five minutes for reducing your Recovery Point Objective, military-grade encryption, item-level recovery capability for specific files and emails, support for Windows Server CSV and for vCenter for handling larger deployments, and support for Microsoft VSS technology to back up online virtual machines with zero downtime. Progent is a certified Altaro partner and offers a broad array of services to assist you to plan, install, manage and troubleshoot a backup/restore system powered by Altaro VM Backup. For more information, see Altaro VM Backup Consulting.

Consulting Services Double-Take Solutions for Data Backup/Restore
Double-Take Software offers a selection of products intended to provide small and midsize companies a range of cost-effective alternatives for replicating and restoring vital applications including Microsoft Exchange, Microsoft SQL Server, Blackberry, and Microsoft SharePoint. Progentís business continuity planning consultants have extensive experience incorporating Double-Take Software products into small company information networks to achieve a high state of fault tolerance and business continuity readiness at a budget-friendly price. For details, visit Consulting for Double-Take Software for Backup.

Why Choose Progent for Disaster Recovery/Business Continuity Planning Solutions?
Because Progent is a Microsoft Gold Partner and provides professional application expertise for a broad variety of business applications, Progent can assist clients to arrive at complete IT solutions that substantially enhance the business value of your information system. As a Registered Partner for Cisco, Progent offers the expertise of certified consultants and specialists with experience in architecting, deploying and managing infrastructure environments based on Cisco technology. The depth and breadth of Progent's technical know-how and Progent's appreciation for the requirements of small and midsize companies make Progent a great partner for building and running a cost-effective, high-availability information system.

How to Contact Progent's Consultants for Business Continuity Planning Support
To ask Progent about engineering help for workplace recovery planning, phone 1-800-993-9400 or visit Contact Progent.

© 2002- 2018 Progent Corporation. All rights reserved.

More topics of interest: