e-risc

Company

Our company name: e-risc stands for:

ERP Risk, Information Security and Compliance


What’s in a name?

We are a young and enthusiast organization with professional experience that goes back into the mid 80’s. Our team has worked for both small and midsize companies as well as fortune 500 enterprises. We have international experience, but our stronghold is in the BeNeLux.

We focus on ERP security.  Since ERP systems tie into the core of an organization’s primary processes, we think this is where the majority of an organization’s risk resides.  Luckily, we are backed up in our opinion by numerous incidents and surveys of renowned organizations.

We are a pragmatic bunch. You won’t find difficult high-level reports or pages of security measures that supersede an organizations risk appetite. We regard only what needs to be done in order to maintain your defined security posture and risk appetite level.

Our motto: 

security must be in service of the business, not vice-versa!

This is something not every security consultancy organization understands! Too often an organization ends up with a huge set of very heavy security measures that take up too much of your resources and results in only partly implemented security measures and a false sense of security without knowing where you stand. Just call us! We may surprise you!

How we work

Pragmatism!

If we had to explain our approach then that is the key word. Our focus is a pragmatic one instead of one where we strive for 100% security! Does this contradict what we try to establish? We don’t think so. A pragmatic approach leaves out all excess measures and focuses on what needs to be protected: the business!  We will assess the risk you run with your ERP system and make visible what these risks are. Next to that we will determine the level of risk you as a business owner are prepared to run and will suggest or, if you like our approach, help you to achieve and maintain this level. Does this mean we only look for a bunch of technical measures and then leave?

Of course not! But what we will do is make an inventory of what improvements can be made to lower your organization’s security posture from an ERP perspective. Both technical and organizational measures will be suggested to ensure that omissions from the past will not occur again. We help you to determine the level of risk your organization can take. Not just the loss of data or prying eyes but also important issues like compliancy against applicable regulations will be taken into account. But always with the business risk profile in the back of our minds. 

We will help you calculate the risk and will advise you on the measures that need to be taken to reach or maintain your risk appetite. Either by improving your ERP system or by improving the processes/procedures that tie into it.

And the best part: we work per project! You know when we come, when we leave and what it will cost you even before we have started working! We don’t offer consultants but solutions!