Definition and strategic planning

Organization, process engineering

Technological surveillance

Services catalog

Procurement strategies

Contractual modeling

Monitoring and performance dashboards


Risk Management


Risk analysis, impact analysis, audits

Security and continuity policies and guidelines

Continuity procedures and plans, crisis management

Security strategies

Implementation of security measures

Training and awareness

Risk and security indicators




Assessments of normative, regulatory or legal compliance

ISO 9001, ISO 27001, ISO 22301, ISO 20000-1 standards

Compliance FINMA, LPD, GDPR, data protection laws & regulations

Quality, Information Security, Business Continuity Management Systems

Compliance indicators


Support strategic planning

by establishing a continuous process of design and implementation of corporate decisions on governance, security, information systems, compliance


Optimize organizational structures, and define roles and responsibilities

by business processes engineering, design and implementation of structures that meet strategic needs, services alignment and human resources incentive mechanisms


Analyse and manage risks and impacts

through audits, threat and vulnerabilities identification, risk qualification, assessing business impacts and proposition of risk treatment measures


Develop skills & competencies

including educating employees on the principles and rules in relation to management and operation of information systems, business continuity, security and quality (BCI Good Practices Guidelines, ISO 27001, ISO 22301, ISO 20000, ISO 9001)


Assess compliance and present gap analysis

through compliance audits, definition of indicators, development and implementation of compliance dashboards


Enforce asset management

by establishing inventories and monitoring systems of information assets, tangible or intangible; definition of deployment, use, maintenance and disposal rules


Establish incident management

by designing and implementing the organization and processes for identification, analysis and treatment of information security and business continuity incidents


Manage business continuity

through the design and implementation of a framework (organization and process) necessary for the prevention, response (crisis management) and recovery in case of disaster


Support implementation of management systems

by designing the organization, policies and guidelines for achieving quality objectives (ISO 9001), information security objectives (ISO 27001), business continuity objectives (ISO 22301), services management objectives (ISO 20000-1), or environmental objectives (ISO 14001)


Maintain legal and regulatory compliance

by establishing the organization and measures required for regulatory and legal surveillance and compliance (FINMA, LPD, GDPR, data protection international laws and regulations)


Evaluate and select service providers and manage the relationship

by preparing and managing requests for proposals and the formalization of suppliers / customers relationship models, definition of service level agreements and contractual management


Identify opportunities to improve operational efficiency

by supply chain optimization and process reengineering


Assess and rescue projects in crisis

by clarifying requirements, redefining the project charter, the planning and the resources as well as governance model and staffing adjustments


Support change management

Support change management through a communication plan, impact analysis, training and awareness campaigns