Our Services


01. IT Risk Management

IT Audit

With experience as both internal and external auditors, our professionals are equipped to assess risks and identify controls, as well as implement effective solutions for the most complex technology problems. Our COBIT-based IT audit services will assist, advise, or lead your organization through any challenge.

– Cyber Threat Assessment and Gap Analysis
– Cloud Technology Assessment
– IT Security and Control Assessment
– IT Audit Issue Reporting and Resolution

Enterprise Risk Management and IT Governance

Information technology continues to advance our world with innovations such as cloud-based solutions, smarter mobile devices, and disruptive fin tech services.  Unfortunately, inadequate enterprise risk management of these complex technologies can expose you to avoidable crises at rapid speed. Copper Squared can help you and your partners build effective security governance across your organization. We design and implement IT governance models to ensure your organization is prepared to meet strategic objectives, manage risk, and adhere to compliance requirements.

Our Insights on Risk Management

02. Resiliency Planning

Whether it’s a natural disaster or a man-made threat, disruptive incidents can be difficult to predict. Copper Squared prepares your organization for such an event. Developed over years of experience, our catalogue of business continuity templates, tools, and documents allows us to gather data quickly and consistently. We start with our designed templates and tailor them to your organization to ensure the Business Continuity Management System (BCMS) is aligned with your organization’s strategic objectives, culture, and requirements. The result is a BCMS designed specifically to your needs.


Business Continuity Policies

Phase one of the business continuity management (BCM) lifecycle is for your leadership to define business continuity goals and scope. This document is critical, and provides the framework for:

– How the BCM program is designed and built
– How the business continuity roles and responsibilities are defined
– Principles, guidelines, and minimum standards for compliance

Business Impact Analysis

The BIA is the foundation on which the business continuity management system (BCMS) is built. Some information captured in the BIA includes:

– Most urgent products and services
– Impact of disruption
– Recovery time scales

This information is critical to determining the appropriate continuity strategies, business continuity plans, and IT disaster recovery plans. The result is a custom solution designed specifically for your organization’s needs.

Business Continuity Plan

We use our Business Continuity Plan (BCP) to document the priorities, procedures, responsibilities, and resources that can be used to navigate your organization's response to and recovery from disruptive events. Our proven template will help ensure the BCP meets your organization's regulatory requirements, and we will work with your response teams to design concise, direct, and adaptable plans that they can update and administer as needed.

Threat Analysis

The threat analysis captures risk information that the BIA may miss. This process involves listing internal and external threats that can cause a disruption to your organization, assigning a scoring system to the impacts and probabilities of the threat occurring, and combining the scores to calculate the risk analysis for each threat. The results are then used to identify unacceptable pockets of risk and single points of failure. (This information can also be used to consider threat mitigation measures for the recovery strategy design phase.) We conduct this analysis on a location basis, interviewing facilities management and capturing risk scores in our threat analysis template.


Crisis Management Plan

One thing is certain, every organization will face a crisis. Ensuring your people are prepared to handle it when it occurs is the most effective way to reduce the impact and successfully manage your response. We design crisis management plans to respond to the threats that are most likely to occur, and would have the most adverse impact on your organization.

IT Disaster Recovery Plan

Our approach to developing the ITDRP begins by interviewing the IT staff identified in the analysis phase. Using these interviews, we document the IT assets, priorities, procedures, and resources required to ensure the resiliency of the critical technology your organization relies on to deliver its products and/or services when a significant event occurs.


Exercising and Training

The effectiveness of your organization’s incident response is highly dependent on the response teams training and awareness. We have found that one of the most powerful ways to engage team members is to demonstrate consequences of action (or inaction). For example, one of our approaches is to conduct business continuity tabletop exercises with the response teams. In the tabletop exercise, we present a potential disaster scenario. Throughout the presentation we ask the response team questions, like what they should be doing and then prompt them for actions and decisions. This method provides an interactive (and cost effective) way to ensure employees are familiar with the plan and understand their role in it. Following the exercise, we provide an evaluation of strengths and areas for improvement.

Our Insights on Resiliency Planning

03. Project Management


Whether it’s a late product launch potentially damaging your market reputation or the implementation of a financial reporting system that doesn’t meet regulatory requirements, mismanaged projects can negatively impact your organization. Our project managers have extensive experience delivering projects with varying complexity and multiple technologies across major industries, including oil and gas, power, and financial services. We have experience managing many types of projects, including RFP software selection and implementation, software enhancements/upgrades, new Custom development, business controls and process improvement. Copper Squared’s project management consultants are PMP® certified by the Project Management Institute (PMI)®. In addition to having the requisite experience and certification, our project managers also possess strong leadership and communication skills, characteristics that you want in your most visible projects.


Whether you require resources long term or short term, Copper Squared Consulting has the flexibility and talent to accommodate your resource needs. We specialize in:

- Managing strategic, mission-critical initiatives: Our clients utilize our experienced project managers when they are unable to allocate internal full-time project manager resources to manage and deliver key initiatives.

- Recovering troubled projects: Our project managers are skilled at conducting rapid diagnosis of problems, instituting course corrections, and bringing projects back on track.

- Interim leadership: We can take charge of PMOs and similar organizations, run them for you for short term and transition them back to you when you're ready, or for long term durations to completion.

Supplementing resources when demand exceeds capacity: We can help fill your project staffing shortages with skilled business and technical professionals as needed, for short or long term durations.


All of our project managers are Project Management Professional (PMP) certified and each one brings a minimum of 15 years of experience in delivering high quality projects on time and on budget. Our project managers have experience working with a variety of different methodologies, each with different work breakdown structures and sets of deliverables, all of which can be found in the Project Management Institute’s Project Management Book of Knowledge (PMBOK), our project management methodology of choice.