This text is replaced by the Flash movie.

ERE Information Security Auditors

ERE IT security auditors are information security compliance auditors and risk security auditors that serve large and medium organizations across Canada, US, and Europe since 2000. The ERE IT security auditor team has built client loyalty based upon the expertise of our certified security experts and upon our impartiality. ERE Security sells no hardware or software whatsoever. As IS security auditors, we strictly provide information security auditing, IT security compliance audit and information systems continuous monitoring service (NIST).

We do cyber security auditing, 7 24 IT security auditing, 24x7 IT security monitoring and 7 24 security compliance audits to augment managing risk.

As an adjunct to being information IT compliance auditors we provide privacy compliance audit services including, PIPEDA compliance audits, and PIPEDA consulting.

We Identify Vulnerabilities that Others Miss

Our single focus is our practice as IT security auditors. Our scope is the security triad of people, IT technology and systems. We can be your next:
Security auditor and web security auditor. IT security auditors and application security assessment provider. Application audit and database security specialist. IT compliance audit experts. NERC SCADA CIP - NERC CIP compliance and NERC audit checklist, NERC CIP compliant validation auditor. Application penetration testing and network penetration testing expert. Penetration testing specialist. SOX compliant and C-sox compliance checklist. IT security policy consulting and disaster recovery planning. 7/24 IT security monitoring service which identifies IT security vulnerabilities in real time, including NERC file integrity monitoring.

Front Burner Security Concerns

Web facing application auditing, web portal application auditing and related database security for web facing apps. Exploitable Software Vulnerabilities – We do penetration testing as part of an industry standard computer audit. Insider security vulnerabilities and employee Internet abuse – As data loss prevention vendors, we identify dangerous traffic. File integrity monitoring comparison. Poorly trained users – We train users Data leaks and data leak prevention – As data leak prevention vendors, We find the leaks others miss Privacy audits and privacy audit checklist. Cyber security auditing for managing risk with our IT compliance audit services and business cases for calculating IT security risk and the ROI on costs of IT security mitigation. Updating / authoring security policy and procedures and presenting to management a business case for security and compliance cost justification.

IT Security Compliance Audit Services

Security Compliance Auditors NERC CIP version 4 - certification opinion letter for NERC CIP version 4, CIP standards version 4, audit plan for NERC CIP 02 – 09, NERC audit checklist. SOX - SOX compliance Canada, C-SOX compliance audit, Bill 198 security audit. Privacy audit -RCMP / CSE TRA, privacy harmonized TRA, PIPEDA, GLBA, HIPAA and HIPAA Canada. Security standards and frameworks ISO 27000 compliance, COBIT compliance, ITIL compliance. IT audit checklist - including specific CSOX compliance audit ensuring SOX compliant 3rd party audit scorecard. Audit report template available for compliance. IT Security GRC consulting . 7x24 Auditing / Compliance Verification. Security risk auditors and analysis – Cyber security auditing for managing risk. Correlate business and technical risks for every critical asset.

Techie Talk

As security compliance auditors we show in our audit reports technical evidence of all vulnerabilities. Our highly technical evaluation steps include: External vulnerability assessment. Employee Internet abuse assessment. Web facing application audit. Web application audit. Network architecture audit. Information systems continuous monitoring. Server hardening audit. Wireless audit. Data leak prevention vendors. Firewall and VPN rule audit. IDS / IPS rule configuration audit. Physical security audit and physical network diagram analysis. Authentication / access controls audit. Compliance control points violations audit. End – user practices audit. IT Policy control points and procedures review. Separation of duties review. IT security policy and procedures review. 3rd party outsourcing separation of duties and due diligence review.
Why Choose ERE Security

We are a widely trusted cyber security testing specialist in Canada. We are a widely trusted cyber security testing specialist in USA. IT security knowledge transfer – we provide a fully transparent post audit presentation and Q&A session. Our IT compliance audit service identifies vulnerabilities and compliance violations that others miss. You can rely on a security auditor of the highest Caliber, with CISSP, CISM, and many other industry certifications. Expertise with 75+ IT security audit topics. Objective, impartial web security auditors and network security auditors. Boutique, highly tuned 24x7 IT security auditing and 7 24 IT security monitoring services. Transparency – we clearly articulate our computer security compliance audit procedures and our IT security audit methodology. We quickly create user-updatable documentation: IT security procedures, IT security policy and procedures, DRP, security training. Up front proof of value ROI calculation including audit checklist template and audit report template. An excellent reputation and many satisfied clients. One stop for training and other information security services.

Contact us right up front

Let us assist you to plan and budget for your next network security audit. May we send you an IT compliance audit template ? Contact us and we'll help you scope the right sized audit for you.