ERE Information Security Auditors
Home | Site Map | Contact Us |  Resource Center
list of IT security and compliance audit steps
ERE Differentiators from other vendors

Compliance Audit
ERE application audit

Zeal for Compliance Audits

Today’s zeal for corporate transparency, executive accountability, and the security and availability of key infrastructure utilities (power, water, fuel) also brings to the table new sources of liability and risk.  Executives are concerned, and realistically so, about potential exposures to:

  • Negative comments from their external auditors regarding compliance or security.
  • Serious compliance infractions with regard to SOX, Bill 198 or CSOX, PIPEDA, NERC CIP.
  • Risks related to email, instant messaging, and their employees’ misuse of the Internet.
  • Breaches to the confidentiality, availability, and integrity of confidential corporate information.
  • The ability to recover from a serious security incident, where time is of the essence.

Scope

The goal of ERE compliance audit report is to provide clear direction on how to come into compliance with any particular standard or regulation, and thereby reduce exposure to liability.  ERE compliance audits span the three most significant domains, which are:

The most topical compliance audit reports ERE is currently delivering relate to Sarbanes Oxley Act, Bill 198 or Canadian CSOX, NERC CIP, PIPEDA, and industry and Internet security standards such as ISO 27001 and CobiT.

Audit Report
The ERE audit report is clear, easy to understand, call to action oriented, and has directed content for both non technical executives and for the very technical operations team. 
See more
 
 
Knowledge Transfer
Extensive knowledge transfer before, during and post audit, assists the client to lever the maximum return on investment in the audit report.
See more
 
 
Audit Methodology
The ERE standardized audit methodology ensures the client’s expectations are clearly, accurately set before commencement of the audit, and that their expectations are then met by the work product of the audit report.
See more
 
 

Benefits
  • A clear audit report with specific recommendations to enhance compliance for Bill 198 or SOX with the ISACA compliance standard for SOX.
  • The ERE report always deliver clear, understandable, calls-to-action.
  • The audit report often suggests new processes that intrinsically include audit trails, which greatly pleases external financial auditors.
  • Leverage return on investment of the audit with extensive ERE knowledge transfer.
  • One stop SOX /  Bill 198 compliance and IT security audit services and training.
  • ERE impartiality and vendor neutrality provides confidence in the Board Room.

 
 
 

Contact Us

905 764 3246
 
 
  Budgetary Price Quote
  10 minute scope definition call
  ROI Calculation for your next Audit 
  Sanitized Statement of Work
  Sanitized Audit Report
  Product Literature  
  White Papers and Published Articles
   
  Please see Ron Lepofsky’s book,
The Manager’s Guide to Web Application Security,
published by Apress Media

https://www.apress.com/9781484201497

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively.

 
ERE denial of service susceptibility audit
Home | Technology Audits | Compliance Audits | Process Audits | Doc Audit/Authorship| | 7x24 Monitoring | Knowledge Transfer
ERE Differentiators | About Us | Site map | Contact Us | |   | Resource Center
Copyrights © 2007-2008. All rights reserved.  

   AddThis Social Bookmark Button