Hmm I have been browsing the webpages of ACN and EY to try to find out what the real difference is between ACN - Security solutions and EY - Risk&Business Advisory (the security relevant parts).
ACN seem to offer help on strategic, mgmt and technical aspects of information security.
EY seem to offer help on strategic and mgmt parts of information security.
So the technical part seems to differ, but is there any people here that can give examples of typical projects and tasks that a consultant at either of the companies would perform in the security area?
Will a ACN consultant be able to choose to focus on the mgmt-parts of security or will he be forced to also configure technical infrastructure?
Will an EY consultant only step in and produce a process chart and then leave?
Well I hope I was able to some of my thoughts into understandable words, and that a lot of people will have a lot of serious information to share.