This text is replaced by the Flash movie.

ERE Information Security Auditors

ERE IT security auditors are information security compliance auditors and risk security auditors. As an IT security auditor in Canada, we serve large and medium organizations across Canada, US, and Europe since 2000. The ERE IT security auditor team has built client loyalty based upon the expertise of our certified security experts and upon our impartiality. Impartiality - ERE Security sells no hardware or software whatsoever. As IS security auditors, we provide information security auditing, computer security and compliance audit services and information systems continuous monitoring service (NIST).

We do cyber security auditing as one time snapshots of security health, 7 24 IT security auditing, 24x7 IT security monitoring and 7 24 security compliance audits. As an extension of 24 x 7 IT security monitoring we also provide managed security services.

As an adjunct to being information IT compliance auditors we provide privacy compliance audit services including, PIPEDA compliance audits, PIPEDA consulting, training on how to implement privacy policy, and auditing privacy compliance.

We Identify Vulnerabilities that Others Miss

Our single focus is our practice as IT security auditors. Our scope is the security triad of people, IT technology and systems. We can be your next:
Security auditor and web security auditor. IT security auditors and application security assessment provider. Application audit and database security specialist. IT compliance audit experts. NERC SCADA CIP - NERC CIP compliance audit and NERC audit checklist, NERC CIP compliant validation auditor. SOX compliant, SOX compliance Canada audit, and C-sox compliance checklist. GDSN compliance for GS1 data pools. IT security policy consulting and disaster recovery planning. 7/24 IT security monitoring service which identifies IT security vulnerabilities in real time, including NERC file integrity monitoring.

Front Burner Security Concerns

Web facing application auditing, web facing application pen test, web portal application auditing and related database security for web facing apps. Exploitable Software Vulnerabilities – We do penetration testing as part of an industry standard computer audit. PCI DSS readiness assessment , PCI DSS readiness assessment checklist, and PCI DSS vulnerability management. Insider security vulnerabilities and employee Internet abuse – As data loss prevention vendors, we identify dangerous traffic. File integrity monitoring comparison. Poorly trained users – We train users Data leaks and data leak prevention or DLP – As data leak prevention vendors, We find the leaks others miss Privacy audits and privacy audit checklist. Cloud security vulnerabilities, cloud security checklist, and managing cloud security. Cyber security auditing for managing risk with our IT compliance audit services and business cases for calculating IT security risk and the ROI on costs of IT security mitigation. Updating / authoring security policy and procedures and presenting to management a business case for security and compliance cost justification. Security Governance framework.

IT Security Compliance Audit Services

Security Compliance Auditors NERC CIP version 4 - certification opinion letter for NERC CIP version 4, CIP standards version 4, NERC CIP standards in Canada, audit plan for NERC CIP, NERC audit checklist, CIP regulations for SCADA, SCADA audit, and Department of Homeland Security CIP audits. Auditing NERC CIP compliance in both Canada and USA. SOX - SOX compliance Canada, C-SOX compliance audit, Bill 198 security audit. Privacy audit -RCMP / CSE TRA, privacy harmonized TRA, harmonized threat and risk assessment methodology, PIPEDA, PIPEDA PIA, GLBA, HIPAA, and Canada privacy audit checklist. Security standards and frameworks ISO 27000 compliance, COBIT compliance, ITIL compliance. IT audit checklist - including specific CSOX compliance audit ensuring SOX compliant 3rd party audit scorecard. Audit report template available for compliance. 7x24 Auditing / Compliance Verification. Security risk auditors and analysis – Cyber security auditing for managing risk. Correlate business and technical risks for every critical asset.

Techie Talk

As security compliance auditors we show in our audit reports technical evidence of all vulnerabilities. Our highly technical evaluation steps include: External vulnerability assessment. Employee Internet abuse assessment. Web facing application audit. Web application audit. Web security auditor. Network architecture audit and security architecture audit. Network security audit template. Information systems continuous monitoring. Server hardening audit. Wireless audit. Security and loss prevention audits checklist. Firewall and VPN rule audit. IDS / IPS rule configuration audit. Physical security audit and physical security auditor certification. Authentication / access controls audit. Compliance control points violations audit. End – user practices audit. IT Policy control points and procedures review. Separation of duties review. IT security policy and procedures review. 3rd party outsourcing separation of duties and due diligence review. Security audit computer systems.
Why Choose ERE Security

ERE Information Security are a widely trusted cyber security testing specialist in Canada. We are a widely trusted cyber security testing specialist in USA. IT security knowledge transfer – we provide a fully transparent post audit presentation and Q&A session. Transparency - We provide an information security audit checklist and a database security audit checklist. Transparency – Up front we provide a detailed statement of work with each fixed price information security audit price quote. Our IT compliance audit service identifies vulnerabilities and compliance violations that others miss. You can rely on a security auditor of the highest Caliber, with CISSP, CISM, and many other industry certifications. Expertise with 75+ IT security audit topics. Objective, impartial web security auditors and network security auditors. Boutique, highly tuned 24x7 IT security auditing and 7 24 IT security monitoring services. Transparency – we clearly articulate our computer security compliance audit procedures and provide a methodology on how to calculate ROI on information security risks. We quickly create user-updatable documentation: IT security procedures, IT security policy and procedures, DRP, security training. An excellent reputation and many satisfied clients. One stop for training and other information security services.
Quantifying Risk and Cost of IT Security

Information security ROI and ROI security breach calculating are difficult to calculate at best. We have IT security cost calculation perfected to a science and happy to provide knowledge transfer all about it. Up front proof of value ROI calculation including audit checklist template and audit report template. We are IT security audit experts. As part of our security audit services we educate our clients on:
How to calculate IT security risk. Calculating ROI on information security risk. How to calculate security vulnerability cost of risk.

Contact us right up front

Let us assist you to plan and budget for your next network security audit. May we send you an IT compliance audit template ? Contact us and we'll help you scope the right sized audit for you.