+41 62 297 12 12


IAM Identity and Access Management Excellence

Our consulting areas

We are experts in the following areas:


We create 360° audits of the ACTUAL situation of your IT infrastructure and an implementation roadmap.



Let our specialized security consulting team assist you.



We define the risk indicators and create the link between strategy and risk management.



We support you in the development of your IT strategy in coordination with the various business units.



We create role models, a situation analysis and risk reporting for the administration of users and their rights.



What does data protection mean exactly?
We are specialists in GDPR and personal data and information.

360° IT Review – proven procedure for an all-round view

Review & Audit

With our proven 360° IT Review, we assess the ACTUAL situation of your IT infrastructure in all relevant areas and create the associated implementation roadmap in a vendor-neutral manner with a holistic 360° all-round view from the outside.

Our approach and working methods are based both on standardized and established procedures, but above all on our best practices, trends and the extensive experience of our IT experts.

Confidentiality / Integrity / Availability

Information Security

We specialize in providing information security and risk management services. Our security consulting team consists of a number of highly skilled, highly motivated and extremely dedicated security specialists whose goal is to provide value-added risk consulting services to our clients.

With our security assessment, management and training services, we can assess and mitigate the risks that put our clients’ data and information at risk and impact your mission-critical processes and image.

We can also help you implement the right security processes and procedures to seamlessly and efficiently improve your security posture without disrupting your day-to-day business.

Identifying risks early and systematically

Risk Management

For risk management, the corporate strategy and other internal and external guidelines of the organization are elementary for determining the criteria for risk classification and assessment according to the Enterprise Risk Management (ERM) approach:

Enterprise Risk Management Approach:

– Corporate risks (leadership, organization, processes, finance, human resources, IT, etc. )
– Compliance / GRC / ICS
– Technical risks
– Project risks
– Software risks

We support you in defining the strategic risk indicators (risk policy, risk catalog) and create the link between strategy and operational risk management. (Top Down Approach)

On the road to success with an IT strategy

Strategy & Architecture Consulting

The goal is to describe how IT should be aligned in order to optimally support the specified business requirements / business objectives. Subsequently, implementable measures and a roadmap are defined.

We support you in the development of your IT strategy by jointly:

– Conduct an IT site assessment to identify the starting point, the need for action and possible restrictions
– derive the vision and mission, goals and measures of IT
– Identify relevant IT trends and technological requirements

– work out and evaluate different options for action
– design your IT strategy in coordination with the business units
– create target and action roadmaps as a basis for investment and as a planning basis for IT controlling

Secure access management and control


With the introduction of RBAC, a more cost-effective and simpler administration of users and their rights is achieved on the one hand. Much more important, however, is the clear assignment of roles with regard to compliance requirements such as segregation of duties or authorization certifications. For automatic provisioning in an IAM system, role creation according to RBAC is mandatory. It is so central that we see the development of an RBAC-oriented role model as a guarantee for an efficient Identity & Access Management system.

– Show role mining potential
– Conduct situation analysis bottom-up
– Identify and evaluate sources, develop recommendation
– Analyze existing employee authorizations and authorization processes (entry, exit, change) for roles and accounts
– Risk and vulnerability reporting
– Introduce best practices and suggestions for improvement

– Creation of the role model
– Role validation
– Assignment of rights to business roles
– Development of Entitlements for the
automatic assignment of rights
– Role Reeingineering – Role Life Cycle

On the road to success with an IT strategy


Under the new requirements of the GDPR, personal data is information that relates to an identified or identifiable individual; for example, a name, a photograph, an email address, bank account details, location details, medical information, or a computer IP address.

So imagine a Swiss company, e.g. a bookseller, who in addition to his store in the center of any city in Switzerland also offers an online store. Customers – from another European country – order books via this online store. Thus, the bookseller is obliged to comply with and implement the requirements of the GDPR.

Inform yourself! What does data protection mean exactly? Which processes and procedures are affected? Get advice and support from specialists who focus on the topic of data protection and information security.

We will be happy to provide you with our “GDPR Checklist” upon request.

Contact us!

Are you interested in our areas of expertise, do you need advice or do you have a specific goal in mind? Contact us for a non-binding conversation!