The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to manage network risk. Progent can provide the services of a CRISC-certified consultant to help you identify, quantify, mitigate, and monitor risks throughout your information network, including both technology and business processes.

Progent can also help you create and implement a risk management strategy based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. Areas covered by Progent's risk management services include business continuity planning and disaster recovery preparedness. Progent's risk management services are complementary to the services available from Progent's CISA-certified cybersecurity audit consultants and Progent's CISM-certified cybersecurity management experts.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk management:

  • Risk identification
  • Risk assessment
  • Risk response and mitigation
  • Risk and control monitoring and reporting
Progent offers a comprehensive selection of consulting services for each of the risk management domains defined by CRISC.

Risk Identification
This area of risk management covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Assessment
This area of risk management involves the analysis and evaluation of IT risk in order to drive strategic risk management decisions that provide optimal support for business objectives. Consulting services offered by Progent in this area include:
  • Frame the analysis of identified risk scenarios in the context of your company's structure, policies, and control mechanisms in order to assess each scenario's likelihood and consequences.
  • Review existing risk controls and assess their ability to reduce information system risk.
  • Study the findings of risk and control analysis to identify possible disconnects between the actual and intended readiness of your risk management environment.
  • Make sure that risk ownership is properly assigned to clarify the chain of accountability.
  • Review risk assessment findings to appropriate stakeholders to inform risk management strategy.
  • Incorporate the risk assessment findings in the risk register.
Risk Response and Mitigation
This area of risk management involves developing and implementing risk responses to ensure that risk factors and events are handled effectively and in line with your business goals and IT budget. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk and Control Monitoring and Reporting
This area of risk management addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to associated stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Assess and recommend tools and techniques to automate your information system control verification processes.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management.
Additional High Availability Technologies Supported by Progent's Consultants
Progent's Microsoft and Cisco support professionals can assist your business to build an affordable, non-stop network that addresses major problems encompassing a wide range of infrastructure solutions and processes including:

Business Continuity Planning
Progent's business continuity planning engineers can help you create a workplace recovery strategy so you can resume IT functionality in case of an IT network catastrophe. Progent can assist you to define a complete disaster recovery plan that incorporates scheduled disaster recovery evaluations and drills. Progent's Microsoft and Cisco-certified engineers can also help you build an affordable, fault-tolerant system solution that takes into account reliability issues covering a broad range of infrastructure technologies and processes. For details, see Disaster Recovery Consulting and Support Services.

Fully Managed Cloud Backup: ProSight Data Protection Services
ProSight Data Protection Services offer small and mid-sized organizations an affordable and fully managed service for reliable backup/disaster recovery. For a fixed monthly cost, ProSight Data Protection Services automates your backup activities and allows fast restoration of critical files, apps and VMs that have become lost or damaged as a result of component failures, software bugs, disasters, human mistakes, or malware attacks like ransomware. ProSight Data Protection Services can help you back up, retrieve and restore files, folders, applications, system images/, as well as Microsoft Hyper-V and VMware virtual machine images/. Important data can be protected on the cloud, to a local device, or to both. Progent's cloud backup consultants can deliver world-class support to configure ProSight DPS to to comply with regulatory requirements such as HIPPA, FINRA, PCI and Safe Harbor and, whenever necessary, can assist you to recover your critical information. Learn more about ProSight Data Protection Services Managed Cloud Backup.

Windows Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity consultants can assist your organization to design a disaster recovery system based on Microsoft's most advanced Failover Clustering technologies such as Cluster Operating System Rolling Upgrade for non-disruptive migration to Windows Server 2016, Storage Replica for zero-data-loss Recovery Point Objective (RPO), Storage Spaces Direct for high-performance network-attached storage using commodity equipment, VM Load Balancing for improving the performance and fault-tolerance of Failover Clusters while reducing capital investment and management overhead, and Cloud Witness for fast, economical deployment of a stretch cluster quorum witness. For details, go to Microsoft Server 2016 Disaster Recovery Help.

Windows Server 2012 Failover Clusters
Windows Server 2008 R2 introduced world-class availability and recoverability to Microsoft's clustering platform. Microsoft Windows Server 2012 R2 adds to this foundation and delivers important improvements offering more extensibility, better storage uptime for server applications, easier administration, faster automatic failover, and more options for architecting failover clusters. For more information, visit Windows Server 2012 Clustering Migration and Support.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager is an extension to VMware vCenter that allows you to specify, automate and verify a repeatable runbook for recovering applications and services rapidly following a breakdown. Site Recovery Manager provides centrally controlled and automated recovery, application mobility, plus non-intrusive site relocation, failback and re-protect. SRM also supports transparent testing for site recovery, updates and fixes and can produce reports to verify complete service restoration, validate Service Level Agreements and demonstrate disaster recovery compliance. Progent can provide the support of a VCDX certified VMware SRM consultant to assist your organization to plan, deploy, test and manage a DR solution based on VMware Site Recovery Manager.

NetApp MetroCluster High Availability and Disaster Recovery Technology
NetApp MetroCluster is a high-availability and disaster recovery software suite that uses failover storage clustering along with synchronous replication to deliver fast, zero RPO disaster recovery between datacenters located as far as 185 miles apart. Progent can provide the skills of a certified NetApp MetroCluster expert who can assist you to plan, deploy, administer, upgrade, test and repair a disaster recovery solution based on NetApp MetroCluster. Progent can help you to select a topology for your MetroCluster environment that meets your functional requirements and IT budget. Progent can ensure you follow leading practices for installing your MetroCluster environment by delivering help with procedures such as assigning disk pools and shelf IDs, arranging aggregate and plexes layout, provisioning volumes, setting up Data ONTAP configuration replication service, installing Cisco and Brocade switches, implementing a tiebreaker, designing a TCP/IP configuration replication network between your peered clusters, and testing your MetroCluster DR solution to prove adherence with information assurance standards and regulatory requirements.

Fault Tolerant Load Balancing
Progent offers high availability load balancing consulting that addresses system load balancing, load balanced programs, LAN/WAN infrastructure routing, and content dispatching products such as F5 Networks 3DNS. Fault tolerant load balancing technologies for which Progent can provide consulting expertise include Microsoft Windows 2003 and 2008 Server Network Load Balancing Manager, Citrix Metaframe and Access Gateway, Cisco Content Services Switch, Cisco Content Engine and LocalDirector 400 series, and F5 Networks BIG-IP. For details, see Non-stop Load Balancing.

Non-stop Colocation
Progent's Data Center consultants can show you how to select high availability data centers that meet the particular needs of your company. High availability co-location sites are particularly appealing to small and mid-size companies due to of their low cost and convenience compared to taking a do-it-yourself approach. Trying to create an in-house data center with even a minimum level of fault tolerance is financially prohibitive for most small companies. Progent is ready to help you get all the advantages of 24x7 Internet data centers by offering a full range of engineering and maintenance services. To learn more, see Non-stop Internet Data Centers Consulting.

Fault Tolerant Branch Office Connectivity
Progentís branch office connectivity professionals can help organizations achieve fault tolerant multi-site connectivity through redundant networks with automatic failover. Progentís Cisco-premier CCIE network engineers can design and deploy fault-tolerant Inter-office connections based on fault tolerant EIGRP network routers or non-stop OSPF configurations of Cisco routers. Progent can demonstrate how redundant connectivity and transparent fail-over offers affordable non-stop interoffice networking. For details, visit High-Availability Inter-office Connectivity.

High Availability Internet Connections
Progent's Cisco-authorized network engineers can show you how to design an economical, high availability Internet configuration architecture that can achieve non-stop Internet access through a broad range of high availability Internet access solutions including fault tolerant BGP, automatic fail-over, and multiple Internet Service Providers. Progent offers CCIE consultants to show you how to utilize the most advanced techniques for fault tolerant Internet access to implement a cost-effective, completely redundant Internet interface with automatic failover and other features to create fault tolerant Internet availability. For more information, visit Non-stop Internet Access Architecture.

Backup and Restore Technology Consulting
Progent offers affordable online support from IT engineers skilled in a wide range of products and technologies that deliver solutions for backing up Microsoft Windows, Apple Mac, and Linux physical and virtual servers and desktops plus notebooks and handhelds. Progent offers help for all major data protection platforms including Acronis, Backup Exec, BackupAssist Software, HP Data Protector, Double-Take, MozyPro, Retrospect for Macintosh, Apple Time Machine, vSphere Data Protection, and FLARs. Progent can help you to implement, upgrade, or troubleshoot backup systems for a range of architectures including on-premises, remote, cloud, or a mix. To read more, go to Backup and Restore Solutions Expertise.

Microsoft System Center Data Protection Manager (SCDPM) Data Recovery Consulting Experts
Progent's expert Microsoft SCDPM engineers can help you to develop a practical business continuity strategy, implement a cost-effective high-availability IT infrastructure, deploy a SCDPM-powered recovery solution, thoroughly validate your system, educate your administrative staff or regular consultants how to maintain SCDPM, or provide complete IT support outsourcing such as off-site housing of Microsoft SCDPM machines in Progent's secure data center facility. To learn more, go to Microsoft System Center Data Protection Manager Consulting and Support Services.

Barracuda Backup Multi-site and Cloud Data Backup and Disaster Recovery
Barracuda Backup is a low-cost, subscription-based backup/restore service for small and mid-size businesses. A Barracuda Backup solution can include a custom-designed hardware appliance built by Barracuda or a software-based appliance with similar functionality but which uses your existing storage infrastructure. Barracuda Backup safeguards critical company data generated locally, at one or more remote locations, or in the cloud. For disaster preparedness, you can replicate data to the Barracuda Cloud, to Amazon AWS, or to any location with a physical or virtual Barracuda appliance. Progent is a Barracuda partner and Progent's Barracuda Backup consulting experts offer a broad array of consulting support services to assist you to design, configure, manage and repair a BDR solution built on Barracuda technology. For details, see Barracuda Backup and disaster recovery consulting.

Altaro VM Backup Solutions for Backup and Disaster Recovery
Altaro VM Backup software offers small organizations a reliable and budget-friendly solution for backing up and restoring Hyper-V and VMware-based virtual machines (VMs). Altaro VM Backup can be used for local, remote, multi-site, and cloud architectures and also supports low-cost cloud backup to Microsoft Azure Block Blob storage. Top capabilities include state-of-the-art inline deduplication to reduce backup storage requirements, Continuous Data Protection with backup spacing as low as five minutes for reducing your Recovery Point Objective (RPO), military-grade encryption, item-level restore capability for specific files and emails, extensive support for Windows Server Cluster Shared Volumes and vCenter for handling large-scale environments, and support for Volume Shadow Copy Service (VSS) to back up online virtual machines with zero downtime. Progent is a certified Altaro partner and offers a wide range of consulting services to help you to plan, deploy, manage and troubleshoot a backup and disaster recovery solution powered by Altaro VM Backup software. To learn more, see Altaro VM Backup Consulting Services.

Consulting for Double-Take Solutions for Backup/Restore
Double-Take publishes a selection of products intended to provide small and midsize businesses a variety of cost-effective solutions for replicating and recovering vital applications such as Exchange Server, SQL, Blackberry, and Microsoft Office SharePoint. Progentís business continuity planning consultants have in-depth backgrounds integrating Double-Take products into small company information systems to create a high state of availability and business continuity readiness at an affordable cost. For details, see Consulting Services Double-Take Solutions for Data Backup.

Why Choose Progent for Disaster Recovery/Business Continuity Planning Solutions?
Because Progent is a Microsoft Certified Partner and offers high-level application consulting for a broad range of business applications, Progent can assist customers to find efficient information technology solutions that substantially enhance the productivity of your network. As a Registered Partner with Cisco, Progent offers the expertise of premier consultants and specialists with experience in architecting, implementing and managing infrastructure solutions based on Cisco products. The broad scope of Progent's IT experience and Progent's familiarity with the needs of small businesses make Progent the perfect resource for building and running an affordable, high-availability information system.

Other Credentials Earned by Progent's Cybersecurity and Information Assurance Consultants
In addition to offering the expertise of information assurance professionals with CRISC certification, Progent can also provide your business with access to CISM-certified security management consultants, CISSP-certified cybersecurity experts, CISSP-ISSAP certified cybersecurity architecture consultants, CISA-certified cybersecurity audit professionals, and GIAC-certified information assurance specialists.

Contact Progent for help from a CRISC-certified Risk Management Consultant
To learn how to receive support from a CRISC-certified risk management expert, phone Progent at 800-993-9400 or visit Contact Progent.

More topics of interest: