ERS Consultancy is an ISO Management System Consultancy specialising in Cyber Security,

Security Testing, ISO Standards, ISO Training and Compliance.

We offer a diverse portfolio of services including training & certification, penetration testing,
ISO consultancy and risk management support.

Cyber Security
Security Threat Assessment - ERS Consultancy
Threat assessment is the process of understanding and identifying the critical information and
cyber security threats which could impact your organisation’s information assets. ERS can help
review and understand your organisation’s threat profile by closely working with your teams
and understanding your day-to-day operations.

Chief Information Security Officer Services (CISO)

The Outsourced Chief Information Security Officer (CISO) as a Service is designed to assist you
in developing and maintaining a long-term sustainable strategy for information assurance and
security within your organisation, in a cost-effective manner.

What benefits does this service provide?

 Senior management presence in the organisation with regards to Information Security

 Development of information security maturity model with a long-term plan of
embedding security best practices and performing continual improvement activities.
 Advice and counsel to management on budget and resourcing requirements for security
activities.
 Costing savings as there is no need to hire full-time employees.
Cyber Security Services UK
Turn to the experts at ERS to evaluate the maturity of your cyber security stance and discover
gaps that could pose a threat and identify opportunities for improvement that would
strengthen your Cyber Security Posture Contact us today for your needs.
Security Testing
An insecure developed or managed application could enable a malicious third party or an
attacker to gain unauthorised access, compromise application functionality or steal sensitive
user data. An authorised phishing exercise providing assurance around both the people and
technical measures. A proactive approach to understanding your infrastructure threats and
vulnerabilities

Cloud Security
Our Cloud security service consists of a set of policies, controls, procedures and technologies
that work together to protect cloud-based systems, data and infrastructure. These security
measures are used to protect data, support regulatory compliance and protect customers'
privacy as well as setting authentication rules for individual users and devices. Because these
rules can be configured and managed in one place, administration overheads are reduced and
IT teams empowered to focus on other areas of the business.

Penetration Testing
A penetration test, commonly known as pentest, is a test carried out on computer systems to
identify security weaknesses and potentially obtaining access to the computer’s information
and data. A penetration test is an information security assessment which simulates an attack
against an organization’s IT assets

When should you consider undertaking a pentest:

With an increasing number of cyber-attacks and constantly evolving threats, it’s recommended
that all organisations undertake regular penetration testing at least once a year.

The following are some example trigger points for arranging a pentest:

 Any significant changes to company infrastructure, network or systems

 Launching new IT products and services
 Undergoing a business merger or acquisition
 Preparing for compliance with data security standards
 Utilising and/or developing custom applications

ISO Standards and Academy Training

1. ISO 9001 Internal Auditor Training - ERS Consultancy provides a wide range of internal
auditor training and workshop sessions including ISO 14001. Our professional and experienced
trainer support you through your journey to become an effective internal auditor. Our internal
auditor courses can optimize the auditing skills and enhance audit capabilities of internal
auditors.

2. ISO Standards Certification - At ERS Consultancy, we assist businesses with

implementation, auditing and consultancy with various international standards including ISO
9001, 14001, 45001, 27001, 22301, 31000, BS 10008, etc. We offer a diverse portfolio of
services including security training & consultancy, penetration testing, ISO consultancy and risk
management.

3. Cyber Security Services UK - Turn to the experts at ERS to evaluate the maturity of your
cyber security. We offer cyber security services to discover the gaps that could pose a threat
and identify opportunities that can strengthen your Cyber Security Posture. Contact us today
for your needs.

4. ISO 9001 Consultants LONDON - Become ISO certified by working with the best ISO
9001 consultants in London. ERS offers a tailored approach to support FTSE Clients and SMEs.
We provide the best practices within quality and information security to help companies
manage their quality and information security issues.

5. ISO Training Services - ERS Consultancy offers a wide range of services including security
training & certification, ISO consultancy, risk management and penetration testing. We are
certified to the latest ISO 27001 standard. Our professional trainers will support you through
the journey to become ISO trained or UKAS certified.

Compliance
ERS Consultancy Ltd provide a variety of compliance services covering the following areas:

Cyber Essentials
Providing consultancy support to help your business achieve cyber essentials or cyber
essentials plus.
GDPR General Data Protection Regulation
ERS can help your organisation meet the GDPR requirements and protecting you from
prosecutions
NIS Directive
ERS can help with your Network and Information Systems providing the backbone in
supporting essential services.
SOC 2
We can audit against SOC 2 ensuring your service providers securely manage your data.
Supply Chain Audits
Who secure are you if your supply chain fails? ERS can Support by auditing your supply chain.
ISMS Audits
Providing an independent audit of your Information Security.
ERS Consultancy is an ISO management system consultancy specialising in Information Security
and Quality offering a diverse portfolio of services including training & certification,
penetration testing, ISO consultancy and risk management

ERS can provide foundation awareness training and help your internal auditor skills, managed
services, security assessments, test and protect your vulnerabilities and train you to be
digitally safe