Define your GRC consulting needs.

We start with an as-is assessment and build structures step by step.

Initial processes or documents exist, but no complete management system.

The system runs, but needs to become more structured, evidence-ready, or audit-ready.

An existing certification should be extended, maintained, or re-certified.

You’re not sure where you stand. We start with an inventory.

Critical infrastructure, public sector, BSI-relevant.

Bank, insurance, financial-services provider with additional supervisory duties.

Manufacturing, engineering, automotive, machinery. Often with OT components.

Mid-market company, IT, software, or service provider.

Describe your industry in the notes field at the end.

Small business, startup, small agency.

Classic mid-market with its own IT organization.

Multiple locations or business units, often with a compliance function.

Group, agency, or large organization with division and subsidiary structures.

A specific event, audit, contractual obligation, or regulatory deadline is coming.

Planned project slot. Enough time for a structured build-up.

Multi-stage program, often in parallel with ongoing business operations.

Multi-year build-up / continuous support.