Our approach focuses on providing our clients with the information and supporting capabilities required to prepare for, withstand, and respond to incidents that disrupt normal operations. By applying an intelligence-driven approach to risk management, we align the right resources with the right assets at the right time enable an organization to adapt to changes in the operating environment. Through capabilities such as Business Impact Analysis, Risk Assessments, Contingency Planning (including Business Continuity, Continuity of Operations, and Disaster Recovery), and Tests, Training, and Exercise Support, our approach focuses on preparing our client's people, processes, and technology to minimize the impact and adjust business processes to maintain essential operations following and event.
Continuity Program Planning, Outreach, and Governance
We evaluate and offer insight into how organizations can build the governance structures, specifically policies, procedures and plans, needed to support an effective and actionable continuity program.
Business Impact Analysis (BIA)
We help organizations identify their critical business functions; correlate their critical assets; and understand the impact of loss to their mission.
Critical IT Inventory and Vital Records
We support organizations research and develop a comprehensive critical IT asset list and vital records inventory inclusive of the storage and recovery of their critical inventories.
Continuity of Operations (COOP) and Information System Contingency Plans (ISCP)
We employ tailored, repeatable processes to provide audit defensible, Federal Continuity Directive (FCD) and National Institute of Standards and Technology (NIST) compliant plans that capture the information required to plan for; and restore a business functions and systems to normal levels of operation following an outage.
Our analysis capability engages stakeholders across multiple business functions and leverages the Critical Infrastructure Protection (CIP) Project Matrix Step 2 methodology to identify critical nodes, links, and potential single points of failure and integrate considerations for “outside the fence” interconnections.
Critical Facility Site Surveys and Risk Assessments
We leverage and develop tools such as site security survey templates, to identify potential physical security vulnerabilities including recommended mitigation options. Our approach is based upon existing standards such as the Interagency Security Committee, and tailorable based on client needs and the Facility Security Level (FSL).
Tests, Training, and Exercises
We develop and facilitate a full training suite to achieve resilience through
automation, human factors, and process efficiencies. We help clients implement a “sense and respond” philosophy throughout the enterprise and put technology in place to identify attacks and implement resilient strategies that have been planned and tested.