The CRISC Certification for Controlling Information System Risk
CRISC Risk Mitigation ConsultingThe Certified in Risk and Information Systems Control (CRISC) program was established by ISACA in 2010 to verify an IT professional's ability to design, deploy, and maintain information system controls to manage network risk. Progent can provide the services of a CRISC-certified consultant to help you identify, quantify, mitigate, and monitor risks throughout your information network, including both technology and business processes.

Progent can also help you create and implement a risk management strategy based on leading practices promoted by CRISC and geared to align with your company's risk tolerance, business objectives, and IT budget. Areas covered by Progent's risk management services include business continuity planning and disaster recovery preparedness. Progent's risk management services are complementary to the services available from Progent's CISA-certified cybersecurity audit consultants and Progent's CISM-certified cybersecurity management experts.

Progent's Support for CRISC Focus Areas
The CRISC (pronounced "see-risk") certification program verifies a candidate's hands-on work experience and exhaustively tests skills in specific areas of risk management:

  • Risk identification
  • Risk assessment
  • Risk response and mitigation
  • Risk and control monitoring and reporting
Progent offers a comprehensive selection of consulting services for each of the risk management domains defined by CRISC.

Risk Identification
This area of risk management covers gathering the information needed to create a risk management strategy that is relevant to your business. Consulting services offered by Progent in this area include:

  • Collect information and review documentation to make sure you identify and evaluate significant risk scenarios.
  • Identify legal, regulatory, and contractual requirements and organizational policies and standards related to your information system to determine their potential impact on your business goals.
  • Identify potential threats and vulnerabilities for your business processes, associated data, and supporting capabilities to assist in evaluating your enterprise risk.
  • Create and maintain a risk register to make sure all identified risk factors are considered.
  • Compile risk scenarios to estimate the likelihood and impact of significant events that could disrupt your business.
  • Develop a risk awareness program and conduct training to make sure your stakeholders understand information system risk so they can contribute to your risk management process.
  • Match identified risk scenarios to your associated business processes to help determine risk ownership.
  • Validate risk appetite and risk tolerance with your senior leadership and key stakeholders to make sure they are in agreement.
Risk Assessment
This area of risk management involves the analysis and evaluation of IT risk in order to drive strategic risk management decisions that provide optimal support for business objectives. Consulting services offered by Progent in this area include:
  • Frame the analysis of identified risk scenarios in the context of your company's structure, policies, and control mechanisms in order to assess each scenario's likelihood and consequences.
  • Review existing risk controls and assess their ability to reduce information system risk.
  • Study the findings of risk and control analysis to identify possible disconnects between the actual and intended readiness of your risk management environment.
  • Make sure that risk ownership is properly assigned to clarify the chain of accountability.
  • Review risk assessment findings to appropriate stakeholders to inform risk management strategy.
  • Incorporate the risk assessment findings in the risk register.
Risk Response and Mitigation
This area of risk management involves developing and implementing risk responses to ensure that risk factors and events are handled effectively and in line with your business goals and IT budget. Consulting services offered by Progent in this area include:
  • Identify and evaluate risk response options and provide your management with information needed to make sensible decisions about responding to risk.
  • Review risk responses with your relevant stakeholders to validate efficiency, effectiveness, and economy.
  • Apply risk criteria to help you develop the risk profile for approval by your management.
  • Help you develop risk response action plans to address risk factors identified in your organizational risk profile.
  • Help you develop business cases supporting your investment plan to make sure risk responses are aligned with your business goals.
Risk and Control Monitoring and Reporting
This area of risk management addresses monitoring risk and communicating information to your relevant stakeholders to ensure the continued effectiveness of your company's risk management strategy. Support services available from Progent in this area include:
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to associated stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist your relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
  • Interview process owners and review process design documentation to gain an understanding of your business process objectives.
  • Design information systems controls in consultation with process owners to make sure they meet your business goals.
  • Help identify the people, infrastructure, information, and other resources needed to implement and manage IS controls at an optimal level.
  • Implement information systems controls to mitigate risk.
  • Help define metrics and key performance indicators (KPIs) so you can measure your information systems control performance in meeting business goals.
  • Provide documentation and training to make sure your IS controls are performed effectively.
  • Assess and recommend tools and techniques to automate your information system control verification processes.
  • Make sure all your controls are assigned to owners who take responsibility for them.
  • Establish control criteria to allow you to perform control life cycle management.
Other High Availability Solutions Provided by Progent's Experts
Progent's Microsoft and Cisco consulting experts can help your business to implement a sensible, fault-tolerant network that addresses key issues covering a wide array of infrastructure technologies and processes such as:

Workplace Recovery Planning
Progent's business continuity planning engineers can help you create a workplace recovery strategy in order to resume network operations in case of an IT system catastrophe. Progent can help you to create a comprehensive disaster recovery strategy that includes scheduled disaster recovery evaluations and testing. Progent's Microsoft and Cisco-authorized consultants can also help you create an affordable, non-stop system solution that addresses reliability issues covering a wide array of network technologies and procedures. For more information, see Workplace Recovery Consulting Services.

Fully Managed Cloud Backup: ProSight Data Protection Services
ProSight Data Protection Services provide small and mid-sized businesses a low cost and fully managed service for reliable backup/disaster recovery. For a fixed monthly cost, ProSight Data Protection Services automates your backup activities and allows rapid recovery of vital data, applications and VMs that have become unavailable or damaged as a result of hardware breakdowns, software bugs, natural disasters, human error, or malware attacks like ransomware. ProSight DPS can help you back up, recover and restore files, folders, apps, system images, as well as Microsoft Hyper-V and VMware images/. Important data can be backed up on the cloud, to an on-promises storage device, or mirrored to both. Progent's cloud backup specialists can provide advanced expertise to configure ProSight DPS to be compliant with regulatory requirements like HIPPA, FIRPA, and PCI and, whenever necessary, can assist you to recover your business-critical data. Learn more about ProSight DPS Managed Cloud Backup.

Windows Server 2016 Disaster Recovery and Business Continuity
Progent's Windows Server 2016 disaster recovery/business continuity experts can assist you to design a DR system built around Microsoft's latest Failover Clustering technologies such as Cluster Operating System Rolling Upgrade for non-disruptive migration to Windows Server 2016, Storage Replica for zero-data-loss Recovery Point Objective (RPO), Storage Spaces Direct for high-performance network-attached storage using low-cost hardware, Virtual Machine Load Balancing for enhancing the speed and resilience of Failover Clusters while minimizing TCO and management overhead, and Cloud Witness for easy, affordable creation of a failover cluster quorum witness. For details, visit Windows Server 2016 Disaster Recovery Consulting.

Microsoft Windows Server 2012 Failover Clusters
Windows Server 2008 R2 brought enterprise-class fault tolerance and system recovery to Microsoft's failover clustering platform. Microsoft Windows Server 2012 R2 adds to this foundation and delivers significant improvements that offer increased scalability, non-stop disk storage uptime for server applications, easier administration, quicker automatic failover, and more options for architecting clusters. For more information, see Windows Server 2012 Clustering Consulting and Support.

VMware Site Recovery Manager (SRM) Disaster Recovery Solutions
VMware's Site Recovery Manager (SRM) is an extension to VMware vCenter that lets you orchestrate, automate and test a repeatable workflow for restoring applications and services quickly following a breakdown. Site Recovery Manager supports centrally managed and automated recovery, application mobility, plus transparent site relocation, failback and re-protect. SRM also supports non-disruptive testing for site recovery, updates and fixes and can produce reports to verify full service recovery, validate Service Level Agreements and prove disaster recovery compliance. Progent offers the support of a VCDX certified VMware Site Recovery Manager consultant to assist your organization to design, deploy, test and maintain a disaster recovery system based on VMware Site Recovery Manager.

NetApp MetroCluster Disaster Recovery Software
NetApp MetroCluster is a disaster recovery software suite that uses failover storage clustering along with continual replication to deliver fast, zero data loss disaster recovery (DR) between sites located up to 300km away from one another. Progent offers online or on-premises access to a NetApp MetroCluster consultant who can help your business to design, configure, administer, upgrade, test and troubleshoot a disaster recovery solution built around NetApp MetroCluster. Progent can assist you to choose an architecture for your MetroCluster environment that aligns with your functional needs and budget. Progent can ensure you adhere to leading practices for installing your MetroCluster environment by providing guidance with procedures like assigning disk pools, arranging aggregate layout, setting up volumes, setting up Data ONTAP configuration replication service, installing switches, implementing a tiebreaker mechanism, setting up a TCP/IP configuration replication network between your peered clusters, and verifying your disaster recovery solution to prove compliance with information assurance standards and government mandates.

Fault Tolerant Load Balancing
Progent offers fault tolerant load balancing support that addresses system load balancing, load balanced applications, network backbone routing, and content dispatching technology including Cisco Content Engine. Non-stop load balancing products for which Progent can provide consulting services include Microsoft Windows Server 2003 and 2008 Network Load Balancing Manager, Citrix Metaframe and Access Gateway, Cisco CSS, Cisco Distributed Director and Cisco CDN Software, and F5 Networks 3-DNS. To read more, visit Fault Tolerant Load Balancing.

High-Availability Colocation
Progent's Data Center consultants can help you identify zero-downtime data centers that meet the specific requirements of your business. High availability colocation sites are especially attractive to small and mid-size companies because of their low cost and simplified logistics compared to taking a do-it-yourself strategy. Attempting to create an on-site data center with even a basic level of fault tolerance is financially prohibitive for typical small companies. Progent is ready to help you get all the benefits of 24x7 colo sites by offering a complete array of engineering and support services. To find out more, see Fault Tolerant Colocation Consulting.

Non-stop Branch Office Networking
Progentís multi-site network infrastructure consultants can help companies create fault tolerant interoffice connectivity via fully redundant networks featuring transparent failover. Progentís Cisco-certified CCIE engineers can design and deploy high-availability Inter-office networks supported by fault tolerant EIGRP routers or zero-downtime OSPF deployment of Cisco routers. Progent can show you how multi-path connectivity and automatic fail-over can provide economical non-stop interoffice networking. For details, visit Fault Tolerant Inter-office Networking.

24x7 Internet Connectivity
Progent's Cisco-authorized IT professionals can show you how to create an affordable, fault tolerant Internet connection architecture that can deliver 24x7 Internet access via a wide array of high availability Internet network technologies including non-stop BGP, automatic fail-over, and redundant Internet Service Providers. Progent can provide Cisco Certified Internetwork Expert engineers to help you apply the latest techniques for fault tolerant Internet connections to create an affordable, fully redundant Internet interface with automatic failover and other features to create non-stop Internet availability. To learn more, see 24x7 Internet Access Solutions.

Backup and Restore Solutions Consulting
Progent can provide affordable remote access to IT engineers skilled in a broad array of utilities and services that provide solutions for backing up Microsoft Windows, Mac, and Linux/UNIX servers and desktops plus notebooks and smartphones. Progent offers consulting support for all major data protection products including Acronis Backup and Recovery, Backup Exec, BackupAssist Software, HP Data Protector, Double-Take Backup, MozyPro, Retrospect for Macintosh, Time Machine, VMware Data Recovery, and Oracle Solaris FLARs. Progent can assist your company to implement, enhance, or maintain backup/restore systems for a variety of architectures including on-premises, edge to datacenter, cloud, or hybrid. For details, see Backup and Recovery Technology Expertise.

System Center Data Protection Manager (SCDPM) Backup and Recovery Consulting Services
Progent's certified System Center Data Protection Manager engineers can help your company to develop a practical business continuity strategy, implement a cost-effective fault-tolerante IT architecture, configure a Microsoft SCDPM-powered backup and restore system, comprehensively validate your system, train your administrative staff or local service providers how to maintain SCDPM, or provide complete IT outsourcing services such as off-site housing of Microsoft SCDPM machines in Progent's world-class data center facility. For more information, visit Microsoft System Center Data Protection Manager Consulting Services.

Barracuda Backup Multi-site and Cloud Data Backup and Disaster Recovery
Barracuda Backup is an affordable, subscription backup/restore service for small and mid-size businesses. A Barracuda Backup deployment can include a purpose-built physical storage device built by Barracuda or a virtual appliance with comparable features but which utilizes your existing storage infrastructure. Barracuda Backup protects critical company data generated locally, at one or more remote locations, or in the cloud. For disaster protection, you can replicate data to the Barracuda Cloud, to Amazon Web Services (AWS), or to any location with a Barracuda Backup appliance. Progent is a certified Barracuda partner and Progent's Barracuda Backup consultants offer a broad array of consulting services to assist you to design, integrate, operate and troubleshoot a BDR solution built on Barracuda technology. For details, visit Barracuda Backup and disaster recovery consulting and management.

Altaro VM Backup Solutions for Data Protection and Disaster Recovery
Altaro VM Backup software offers small businesses a reliable and budget-friendly platform for backing up and restoring Hyper-V and VMware-powered virtual machines. Altaro VM Backup can be deployed in local, offsite, multi-site, and cloud-hosted environments and also enables cost-effective backup to Azure storage. Top capabilities include state-of-the-art Augmented Inline Deduplication to reduce backup storage requirements, Continuous Data Protection (CDP) with backup intervals as low as five minutes for reducing your exposure to data loss, advanced encryption, granular restore capability for specific files and emails, extensive support for Windows Server Cluster Shared Volumes (CSV) and for VMware vCenter for handling large-scale environments, and support for Volume Shadow Copy Service (VSS) to back up live VMs without downtime. Progent is an Altaro partner and can provide a broad range of consulting services to help you to plan, install, optimize and troubleshoot a backup and disaster recovery system based on Altaro VM Backup software. For details, visit Altaro VM Backup Consulting.

Consulting for Double-Take Solutions for Data Backup
Double-Take Software offers a selection of tools intended to deliver small and midsize businesses a variety of cost-effective solutions for backing up and restoring business-critical workloads including Exchange, SQL Server, Blackberry, and Microsoft Office SharePoint. Progentís business continuity planning consultants have in-depth experience integrating Double-Take Software technology into small business IT networks to achieve a high state of availability and business continuity capability at a budget-friendly cost. To learn more, visit Consulting Services Double-Take Solutions for Backup.

Why Pick Progent for Disaster Recovery/Business Continuity Planning?
Since Progent is a Microsoft Partner and provides high-level application support for a broad range of business applications, Progent is able to help clients to find complete information technology solutions that substantially enhance the business value of your information system. As a Registered Partner for Cisco, Progent can provide the support of premier consultants and specialists with expertise in designing, implementing and troubleshooting networking solutions built on Cisco technology. The extent of Progent's IT know-how and Progent's sensitivity to the requirements of small companies make Progent the perfect resource for building and running an affordable, fault-tolerant information system.

Other Credentials Earned by Progent's Cybersecurity and Information Assurance Consultants
In addition to offering the expertise of information assurance professionals with CRISC certification, Progent can also provide your business with access to CISM-certified security management consultants, CISSP-certified cybersecurity experts, CISSP-ISSAP certified cybersecurity architecture consultants, CISA-certified cybersecurity audit professionals, and GIAC-certified information assurance specialists.

Contact Progent for help from a CRISC-certified Risk Management Consultant
To learn how to receive support from a CRISC-certified risk management expert, phone Progent at 800-993-9400 or visit Contact Progent.

More topics of interest: