Impartial and Vendor Neutral

• ERE Security Auditing only engages in auditing. ERE does not sell any technology or software whatsoever. ERE does not sell audits at a discount in order to lever sales of hardware and software.
• We offer a free tool to assist in the objective evaluation of potential auditors.
  

Confidentiality and Discretion
ERE Security Auditing provides complete discretion and confidentiality. We always offer upfront a bilateral non-disclosure agreement to each perspective client.

Core of Auditing and IT Risk Evaluation
Since ERE Security Auditing engages only in security and privacy compliance auditing and IT Risk evaluation, our team of security experts are 100% focused on our core.

Clear Expectations – Security Audit Checklist
Our proposals contains a fixed price quotation, a detailed statement of work, time and deliverables work flow, a security audit checklist, items out of scope, and a sample audit report.

Executive IT Risk Summary
Each audit report includes a:

• Non-technical executive summary and a correlation of IT risk with potential downside costs.
• Pro-forma business case to cost justify the recommendations of the audit report, including a correlation of risk to cost.

Clarity

• Each ERE Security Auditing report includes an audit checklist, with a correlation of compliance standard / threats / vulnerabilities / compliance violations, triaged risk level, and recommended mitigation steps.
• ERE Security Auditing provides a post audit conference for knowledge transfer and to answer all questions.
• We encourage our clients to watch over our auditors’ shoulders during on site audits and to ask our auditors questions.
• We disclose all our methodologies and audit tools with clients.

Wide Scope of Offerings

• IT Security Governance consulting.
• Privacy and security consulting and documentation services.
• Unique 7x24 Security and Privacy Compliance Monitoring.
• Periodic audits.
• Security and privacy compliance audits.