Our services

Services. Comprehensively.

Legal expertise and IT competence in one specialist.

01

Risk Management⏱ ~2–4 weeks to gap analysis

We build and manage your GRC programme from start to finish.

  • Enterprise Risk Management (ERM) systems — design and implementation
  • ISO 31000 / ISO 27005 implementation
  • Risk analysis, risk registers and developing risk culture
  • COSO ERM, NIST RMF, FAIR, COBIT, OCTAVE frameworks
Output: A functioning GRC programme you can present to auditors, clients and the board.
→ Book a free 30-min consultation
03

Cybersecurity and Threat Analysis⏱ ~2–3 weeks to report

You don't know who is targeting you, how they do it, or what data is at risk.

We analyse your threat landscape and strengthen your defence mechanisms.

  • ISA/IEC 62443 — industrial automation and control systems cybersecurity
  • Threat analysis and attack surface mapping
  • OSINT-based investigations and vulnerability assessments
  • Incident response procedures
Output: A clear overview of your threat landscape, documented defence measures, and a corresponding action plan.
→ Book a free 30-min consultation
04

Training and Awareness⏱ 1 day to training session

Your employees are your biggest security risk — not out of malice, but because no one taught them how to recognize threats.

We train your team to recognize and thwart modern attacks.

  • Anti-social engineering training (B2B)
  • Advanced cybersecurity training for management and staff
  • RED TEAM: social engineering training and consulting (trade secret protection)
Output: A team that recognizes attacks before they cause damage.
→ Book a free 30-min consultation
05

Data Processing Policy⏱ 2–3 working days

Every Estonian company that handles personal data needs this document. Most don’t have it — and the board is personally liable for that gap.

A GDPR Article 30‑compliant Records of Processing Activities (RoPA) document, drafted for your specific business.

  • Mapping of all personal data processing activities across your organisation
  • Legal basis, retention periods and data categories documented per processing activity
  • Third‑party processor relationships identified and recorded
  • Compliant with GDPR Art. 30 and Estonian DPA requirements
  • Ready for immediate use — no further formatting or legal review needed
€ 500 + VAT · fixed price
Deliverable: A complete, board‑signable RoPA document that satisfies GDPR Art. 30 obligations from the day of delivery.
→ Book a free 30‑min consultation

Separate service line

Google Workspace Solutions

Work environment, email and IT infrastructure — separate packages. View GWS packages →

Book your free 30-min board liability call
Prices

Pricing Overview

All prices exclude VAT. Exact pricing depends on company size and scope.

ServiceFrom
Google Workspace migration + full setup€ 999
GDPR GAP analysis assessment + report€ 1,500
ISO 27001 readiness audit€ 3,500
NIS2 compliance audit€ 4,000
DORA GAP analysis€ 5,500
Social engineering training (group up to 20)€ 1,200
Data processing policy (GDPR Art. 30 compliant)€ 500

* Prices exclude VAT. Exact pricing depends on company size. Every new client starts with a free 30-minute discovery call.