Samples from portfolio

2019	Internal audit	Review of international logistics' company for compliance and efficiency, incl IT (and pen-testing), accounting, legal. Fieldwork in 6 countries. 50+ recommendations
2019	Training	IT audit training for local IIA chapter
2020	Consultation	Business strategy review and improvement for an institution in telecommunication sector.
2020	IT audit	Review of medical sector's institution's IT development compliance with EU regulations. Fieldwork in 4 different companies (pharmacies, wholesalers).
2020	Internal audit	Review of electrical utility's continuity plan compliance with regulations. 50+ recommendations.
2021	IT audit	Review of water utility's compliance with ISO 27001 requirements. 10+ recommendations
2021	Risk analysis	Creation of hospital IT risk registry in compliance with E-ITS (ISO 27001 derivate for Estonia). Mapping of ca 800 risks, 250+ recommendations.
2021	IT audit	Review of telecommunication company's state of play with Cyber Risks handling and SecDevOp process. 5+ recommendations.
2021	Internal audit	Assessment for financial sector's company on IT Risk Management and IT Operations Management for alignment with risk appetite, compliance with regulations and efficiency of IT activities. 10+ recommendations.
2022	Due Diligence	IT due diligence for a take-over candidate - big retail.
2022	Consultation	IT governance for a complex institution in academic sector: governance system (roles, structures), strategy and policies development from scratch, inclusion of ISO 27001 principles.
2022	Data analysis	Data analysis for EU sponsored cultural sector's survey (Estonian part).
2022	Consultation	IT strategy &governance (incl organogram) to support execution of Digital Strategy for a financial institution in Pakistan.*subcontracted
2022	Consultation	Business strategy facilitation for a major public company (methodology, workshops, writing).
2023	Data analysis	Structural Funds (CF, ESF) 2014-2020 investments' performance analysis for European Commission.
2023	Risk analysis	Facility's cybersecurity risk analysis for a major utility in frames of IEC 61511 certification (cyber HAZOP (IEC 62443-2-1) - interviews, analysis, workshops, risk registry).
2023	Consultation	FMI contingency plans & strategy for a major bank for ECB compliance.
2023	IT audit	Comprehensive cybersecurity maturity assessment for a major company.
2023	IT consulting	ISMS implementation for a public institution for E-ITS compliance (ISO 27001 derivate for Estonia) - risk assessments (workshops), writing.
2024	Due Diligence	IT due diligence for a take-over candidate - IT service company.
2024	Risk Management	ISO 27005 based risk management implementation for a major government institution - methodology, proof of concept, training, risk assessment workshops.
2024	IT audit	Post-acquisition IT maturity assessment audit of an Internet technology company for a foreign buyer.
2024	IT consulting	ISO 27001 implementation support for government owned internet technology company - documentation preparation & risk assessment support.
2024	IT consulting	E-ITS (ISO 27001 derivate) implementation support for ministry and its 3 subordinate establishments - governance, documentation preparation, risk assessments and related trainings.
2025	IT consulting	ISO 27001 implementation support for a major data-intensive government institution - documentation preparation and process development support.
2025	IT consulting	Holistic IT review project for a known regional post-startup company - general support incl enterprise architecture, solutions, priorities, roadmap.
2025	IT audit	E-ITS compliance lead auditor for a financial institution - 3y audit cycle.
2025	IT audit	DORA/EBA compliance audit regarding logging and monitoring activities for a major bank.
2025	IT audit	E-ITS compliance lead auditor for a network of 4 hospitals - 3y audit cycle.
2025	IT training	E-ITS auditing 2-day training for internal auditors of a ministry.
2025	IT audit	E-ITS compliance lead auditor for a ministry and its subordinate 3 agencies - 3y audit cycle.
2025	IT audit	E-ITS compliance lead auditor for a ministry and its subordinate 9 agencies - 3y audit cycle.
2025	IT audit	E-ITS compliance lead auditor for a ministry and its subordinate agency - 3y audit cycle.
2025	ISO 27001	Re-certification audit with Metrosert for a major infrastructure company.
2025	IT consulting	IT risk assessment for a major construction company.
2025	Internal audit	Audit partner services for an international audit service company's local office.
2026	ISO 27001	Certification audit with Metrosert for a local medical emergency service provider.
2026	IT audit	DORA "significant event" term logging compliance for selected AWS/on-prem applications for a major bank.

Samples from portfolio

Address

Contacts

Links