For Small and Medium Enterprises (SMEs).
Every organization faces unique threats and vulnerabilities. Standard solutions often fail to manage specific risks effectively. Through custom implementation, I deliver GAP analysis, risk assessments, training and audit preparation. I am a Barcelona-based Security Officer.
Security without strategy fails. We ensure your ISMS integrates with corporate objectives, governance frameworks, and operational reality. Alignment drives adoption and effectiveness.
Physical access, personnel protocols, vendor management: information security spans the entire organisation. We take a 360° view to close gaps that traditional IT-only approaches miss.
Gap analysis identifies where you stand. We prepare documentation, evidence trails, and control evidence to meet ISO 27001:2013 and ISO 27701:2025 audit standards.
One-size-fits-all frameworks fail. We adopt international standards but customise controls, policies, and processes to match your industry, risk appetite, and organisational culture.
Your team must understand security to sustain it. We provide awareness training, risk workshops, control design sessions and strategic planning support, building internal expertise.
Full ISMS implementation or fractional Security Officer role. Ad-hoc consultancy or on-site oversight. Choose the model that fits your timeline and budget.
Short, practical posts on ISO 27001/27701, GDPR, NIS2 and real-world security challenges for 50–500 FTE organisations.
A practical look at resourcing, ownership and scope creep, based on recent implementation work with EU tech companies.
How to make a PIMS support GDPR and existing privacy processes instead of becoming another parallel framework.
When new posts are live, titles will link to full articles.
Briefly describe your organisation (size, sector) and what you need help with. We will respond within one business day.
Prefer email? Contact: guido@vroeff.nl · Barcelona