Our Services

IT GRC Excellence for Regulated Industries

Regulatory Compliance

We support you in implementing regulatory requirements:

  • → DORA (Digital Operational Resilience Act)
  • → MaRisk & BAIT
  • → NIS2 Directive
  • → ISO 27001 / ISMS
  • → SOX Compliance

Cybersecurity

Strengthen your information security:

  • → Security Assessments & Audits
  • → ISMS Design & Optimization
  • → Incident Response Planning
  • → Security Awareness Training

Internal Control System (ICS)

Design and testing of IT controls:

  • → IT Control Design (COSO)
  • → Effectiveness Testing
  • → SOX Compliance
  • → Audit Preparation

Third Party Risk Management

Managing outsourcing risks:

  • → Vendor Risk Assessments
  • → Cloud Exit Strategies
  • → Outsourcing Contracts
  • → ICT Service Provider Monitoring

AI Governance & EU AI Act

Responsible use of Artificial Intelligence:

  • → EU AI Act Readiness
  • → AI Risk Classification
  • → Model Risk Management
  • → AI Governance Frameworks
  • → Agentic AI, AI Copilots & AI Employees

Audit Activities

Support for internal and external audits:

  • → IT Audits & Year-End Reviews
  • → Regulatory Audits (BaFin, ECB)
  • → Audit Coordination & Support
  • → Findings Management & Remediation

Not sure where you stand?

Take our free Health-Check and get an initial assessment.

Take the Health-Check