Assurance Through Understanding the Security Lifestyle
A large part of assurance is knowing that the organization has taken all measures possible to protect its information. Internal audits only answer a part of the overall assurance that the security lifecycle is functioning properly and continuing to grow along with the extended enterprise. External audits often focus on revenue-generating applications, and don't focus on the overall security posture of the organization. And often, internal and external audits are developed and executed by vendors using own proprietary methodologies and processes. The results can be misinterpreted or irrelevant to the security lifecycle program that has been deployed.

Assurance Through Independent Objective Auditing
ETSec recognizes that objective, auditable, and repeatable evaluation processes are essential to assess the overall posture of the extended architecture. That is why in the beginning of the ETSec security lifecycle approach, ETSec works with clients to determine the ultimate auditing - and audited - goals of the extended enterprise. As part of the ETassure™ process, where advisable, ETSec will deploy independent auditors and agencies who are objective, and have strong certifications and affiliation with established standards bodies. If, however, previously-contracted auditing agencies have been retained by our clients, ETSec will work diligently to educate them on the specifics of the security lifecycle that has been deployed, so that common understanding of the lifecycle methodology is attained by both auditors and client management.