Cosgrove Consulting Group

Modern organizations are increasingly dependent on continuing operation of their computer-based systems, telecommunications and networking infrastructures. This reliance necessitates the need for effective business continuity or disaster recovery planning. Cosgrove Consulting Group is well-experienced in this area and offers the following services to meet planning requirements: Business impact and risk analysis Recovery plan development and plan maintenance support IT vulnerability assessment and mitigation strategy Software systems vulnerability assessment Facilitated risk analysis Information security assessment and policy Disaster recovery awareness and concept training Business Impact & Risk Analysis This analysis project identifies the functions or software applications that either control large assets or, if interrupted, create severe financial impact to the company. The project includes solutions recommendations for business recovery. Recovery Plan Development & Plan Maintenance Support During the recovery plan development process, specific actions that are to be taken at the time of disaster are identified and documented. A plan is written for each affected business function. The plan includes recovery team members, a high-level recovery approach, and detailed procedures that are required for recovering the business function. After the recovery plan is written, the continual refinement process begins. Testing and updating the plan are important phases in the plan development lifecycle. The support effort focuses on developing a plan maintenance and test procedure to ensure the plan’s overall effectiveness. The approach includes periodic plan reviews with business units and their participation in disaster recovery exercises. Reports are issued to management after every maintenance period and disaster recovery exercise. This ensures a state of readiness will continue to exist, and that the business function can be recovered in a timely manner. Software Systems Vulnerability Assessment In order for modern organizations to expect that their computer-based systems will continue to operate, they must invest time in the planning effort. Continuity planning must include an up-to-date assessment of the impact of failure or gradual obsolescence of these systems. Often, this must begin with evaluating the financial risk exposure faced by the organization for various parts of the critical business applications. A well-established software risk management methodology (decision tree analysis) is used to quantify these risks and select alternative solutions.
	Business Continuity Projects for Software Systems Current Value/Replacement-Cost Assessment: Establish a dollar value and replacement cost for the critical business systems. Risk Exposure/Cost Benefit Analysis: Determine risk exposures and develop solution cost options for each affected system. Business Continuity Solution Implementation: Design and validate selected solutions that include process and operating procedures. Software Maturity Review: Detail and review existing software and system development and maintenance processes and procedures (applicable to organizations which develop and maintain its own systems). Process/Operations Review: General review of current backup/recovery process and operations includes testing and validation.
Facilitated Risk Analysis During the Risk Analysis, sessions are facilitated with IT staff to assess current and future risks in projects, services and systems. These approaches take advantage of the collective knowledge of an organization’s staff to locate and address the risks associated with a project. These sessions provide several benefits, including establishing a basis for business resumption projects, validating the information security policies, and identifying the incident response needs of the enterprise. Disaster Recovery Awareness & Concept Training These training courses educate an enterprise’s various business and IT units about their role in the business continuity planning process. The focus of the awareness course is to determine the appropriate strategic and tactical recovery approaches for each business unit. The focus of the concept training course is to identify the Disaster Recovery (DR) methodology that will best meet the requirements of the business unit. This recovery methodology is important because it will be used in the recovery plan development process

Company Information | Consulting Specialties | Project Profiles