Services

Get expertise without full-time hire.

Fractional, project-based or retained. We lead ICT and security programmes, get you DORA-ready, and stay accountable for the outcome.

◈

Fractional CIO / CISO

Interim or ongoing executive leadership for technology and security — accountable for outcomes, not just advice.

→Board & executive reporting

→Security & ICT strategy

→Programme & vendor oversight

→Budget & governance

◉

DORA & Regulatory Compliance

A clear path to digital operational resilience — assessed, documented and regulator-ready.

→Gap assessment vs DORA pillars

→Register of Information

→ICT risk management framework

→Resilience testing & evidence

⛉

ICT Security

Pragmatic security that fits your size and risk — from strategy through to the technical controls.

→Security strategy & roadmap

→Controls & architecture review

→Vulnerability & threat management

→Identity, access & cloud security

◑

ICT Risk & Governance

The frameworks, policies and reporting that stand up to a board and a supervisor.

→Risk framework & appetite

→Policies & standards

→Control testing

→Board & committee reporting

▦

Third-Party & Supply Chain Risk

ICT third-party risk management aligned to DORA’s outsourcing and concentration requirements.

→TPRM aligned to Art. 28–30

→Critical-function mapping

→Contract & exit assessment

→Concentration risk

◆

Incident Response Readiness

Be ready before the incident — classification, playbooks and rehearsed response.

→Incident classification & reporting

→Playbooks & runbooks

→Tabletop exercises

→Post-incident review

▲

Training & Awareness

Build regulatory and security fluency across the people who carry the obligations.

→DORA & resilience training

→Security awareness

→Board & exec briefings

→Role-based upskilling

Not sure which engagement fits?

Most clients start with a short DORA or ICT-security gap assessment, then scope a fractional or project engagement from there.

Book a consultation