ERE Information Security Auditors
Home | Site Map | Contact Us |  Resource Center
list of IT security and compliance audit steps
ERE Differentiators from other vendors

IT Security Services: Documentation and Authorship

ERE remote access audit

Maintaining up-to-date IT security policies and procedures, with special emphasis on IT security procedures are crucial to managing risk.  A current IT security policy document is the basis for being able to enforce policy and to foster meaningful, actionable security procedures.

As part of our it security services offering, our CISSP certified IT security auditors write IT security policies and procedures, as well all other security related documents, tailored to each specific client's needs. Our documentation is what we call “living documents”; they are written simply and in a manner to encourage constant client updating. Typically we create the documents is spread sheet format and are well indexed, so they can be easily used, referenced, cross referenced with other client security documents, and again are easily kept up-to-date by the client. We set our clients expectations clearly by providing deliverable checklists and templates such as:

  • IT security policy checklist.
  • IT security audit template.
  • IT security policy including compliance template.
  • IT security policy Canada template.
  • IT security audit program template.

See more

Topics In Demand

  • Business Continuity Plan.
  • Disaster Recover Plan.
  • Gap Analysis.
  • Governance Model.
  • Internet Security Policy.
  • Privacy Policy.
  • Risk Analysis.
  • IT Security Plan as an adjunct to Governance and to the IT security document.
  • IT Security Policy document.
  • Training.
  • Installation, implementation information security services.

Information Security Consulting Experts who Listen to our Clients

As part of our methodology for writing security policies and procedures, our information security consulting experts interview various group members within an organization, including end users, IT operations and IT security staff, and members of the executive team. We also read all existing client documentation and the most recent information security audits.

ERE server hardening audit


  • Clear policy and planning documentation provides actionable direction.
  • Actionable direction paves the way for uniformly enforcing policy.
  • Uniformly enforcing policy minimizes liability and reduces the chance of problems ever occurring.
  • Peace of mind – our recovery and response plans minimize downtime.
  • The policy document suggests new processes that intrinsically include audit trails, which greatly pleases external financial auditors.
  • One stop for audit, authorship and training.
  • ERE impartiality and vendor neutrality provides confidence in the Board Room.

Contact Us Right Up Front

Let us assist you with security policies and procedures. May we send you an IT policy checklist and IT procedures checklist today?. Contact us and we'll help you get documentation off your to-do list.


Contact Us

905 764 3246

  Budgetary Price Quote
  10 minute scope definition call
  ROI Calculation for your next Audit 
  Sanitized Statement of Work
  Sanitized Audit Report
  Product Literature  
  White Papers and Published Articles
  Please see Ron Lepofsky’s book,
The Manager’s Guide to Web Application Security,
published by Apress Media

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively.

ERE web site security audit
Home | Technology Audits | Compliance Audits | Process Audits | Doc Audit/Authorship| | 7x24 Monitoring | Knowledge Transfer
ERE Differentiators | About Us | Site map | Contact Us | |   | Resource Center
Copyrights © 2007-2008. All rights reserved.  

   AddThis Social Bookmark Button