Welcome to your consulting company

Business Strategy Consulting

ES implements Strategy Management Systems in different sectors and organizations, with on site delivery experience and certified staff, mainly in Latin America and the Caribbean. Successful implementation of the Execution Premium Process Methodology in sectors such as energy, mining, finance, military, services among others. ES partners with ESM Software, to deliver succesful strategy projects, using the best of the breed in strategy software. The only strategy software built by the creators of the Balanced Scorecard, Drs. Robert S. Kaplan and David P. Norton.


ES delivers Cybersecurity services and solutions to organizations. If the organization is facing a security challenge, a compliance requirement or taking proactive measures ES can provide custom solutions and services to successfully achieve the goals. In today’s technology dependant world, executives and managers can’t afford to be held back by cyber threats. They need to make quick decisions and feel confident that their cyber strategy, defenses and recovery capabilities are up to their business operations needs.

Information Security

Using international standards and best practices ES helps organizations to comply with information security requirements. Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption. Experience, background and certifications of ES Staff play a huge role in reducing compliance time to the minimum in organizations.

Products and Partners


SIEM and Threat Intelligence


Malware Response


HSM - Data Tokenization and Masking - Data Encryption - Digital Signature - PKI Key Management


Information Security Training - Ethical Hacking Certifications - Training Center


Vulnerability Management - Priviledged Access Management - Windows Auditing and Security


Balanced Scorecard Software - Business Strategy Software

ES Consulting Services

Security Testing PT/VA

Pentesting and Vulnerability Assessment for Network Infrastructure, Operative Systems, Web/Mobile Applications, ATM Infrastructure and WiFi Networks. Certified consultants and ethical hackers perform manual and automated tests, always using methodologies and standards such as OSSTMM, OWASP and NIST. Testing security controls from physical security to Social Engineering, providing visibility and mitigation tasks. Some tests may include Code Analysis.

PCI-DSS Consulting

Credit Card Payment Industry became one of the prime targets of hackers and cyber threats. ES provides consulting and solutions for PCI-DSS compliance requirements. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually.

Information Security Risk Evaluation

Information security risk assessment is an on-going process of discovering, correcting and preventing security problems. The risk assessment is an integral part of a risk management process designed to provide appropriate levels of security for information systems. Risk assessment will help each organization to determine the acceptable quantitative level of risk and the resulting security requirements for their processes and areas. Risk Analysis is done using ISO27005.

ISO/IEC 27001

ISO/IEC 27001 is an information security standard, part of the ISO/IEC 27000 family of standards. ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements. Organizations that meet the requirements may be certified by an accredited certification body following successful completion of an audit. Note that ISO27001 is designed to cover much more than just IT, it covers other areas of the organization such as Human Resources, Supply Management, Physical Security among others. ISO27001 gives an holistic approach to Information Security.

Business Continuity ISO/IEC 22301

Business continuity is the planning and preparation of a company to make sure it overcomes serious incidents or disasters and resumes its normal operations within a reasonably short period. This concept includes the following three key elements: Resilience, Recovery and Contingency. ISO 22301 is a management system standard that specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.

ISO/IEC 20000

ISO/IEC 20000 is the first international standard for IT service management. Formally: ISO/IEC 20000-1:2011 includes "the design, transition, delivery and improvement of services that fulfill service requirements and provide value for both the customer and the service provider. This part of ISO/IEC 20000 requires an integrated process approach when the service provider plans, establishes, implements, operates, monitors, reviews, maintains and improves a service management system. ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL framework, but includes another.

NIST CyberSecurity Framework

Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the potential resulting impacts. With this information, organizations can determine the acceptable level of risk for achieving their organizational objectives and can express this as their risk tolerance. With an understanding of risk tolerance, organizations can prioritize cybersecurity activities, enabling organizations to make informed decisions about cybersecurity expenditures.

Staff Training and Security Awareness

Information Security and Cyber Security Certified Training:

  • ISO/IEC 27001 Certified Lead Auditor
  • Ethical Hacking
  • Digital Forensics
  • PCI-DSS Training
  • Secure Coding and Development
  • Risk Management and Assessment
  • Security Awareness Training
  • InfoSec360 Security Maturity Model

    Information and Cybersecurity requirements and needs change between organizations, depending on the sector and size. InfoSec360 is a model that allows organizations from all sizes and sectors to introduce and reinforce information and cybersecurity controls to their processes and areas. ES performs several activities depending on the information security maturity in the organization, in order to identify and protect information assets. Reducing cybersecurity risks by delivering information and visibility.

    Why Choose Us

    Certified team members with international experience:

    Members of the ISO/IEC JTC 1/SC 27/WG 1 the committee where ISO27001 is created.

    OWASP Guatemala Chapter President on the Team Lead

    ISOC Cybersecurity Sig Members

    Team Certifications: CISSP, CCNA, OPST, CISA, ISO27001 Lead Auditors, ISO20000, CISM, ISO27005, ISO22301, CCSA, CCSE, ITIL, Ethical Hacking, Forensics, PMP, among others.

    Countries with successful deliverd projects: Guatemala, El Salvador, Mexico, USA, Colombia, Panama, Nicaragua, Peru, Brasil, Argentina, Uruguay, Ecuador, Dominican Republic, Bolivia.

    Project Management in all projects and services.


    Happy clients


    Awards won


    Cups of Coffee


    Projects completed


    Certification Audit Hours


    Hosts Scanned


    Customers Standard Certified


    Team Certifications

    Get in touch


    +502 2375-7765


    Vía 4 1-00 Zona 4, Edificio Tec 2 Oficina 1001 Guatemala City, Guatemala. 01004