Common questions, straight answers.

A fixed-fee diagnostic with a defined scope. I look at your current posture against your target framework or problem (ISO 27001, SOC 2, NIS2, cloud cost drift, AI governance, EU AI Act deployer gap analysis), identify the gaps, and deliver a prioritised 90-day roadmap. Each assessment takes 5-10 business days. At the end, you have a clear picture and a decision point: continue working together, take it in-house, or stop entirely.

Bi-weekly leadership sessions plus async availability between. I own the governance cadence, coordinate compliance, oversee cloud decisions, handle AI policy, answer vendor and customer security questionnaires, and communicate with your board. Same person every time. For urgent matters, same-day response.

I work primarily with ISO 27001 (and 27002, 27701), NIS2, and GDPR — these are the frameworks I implement most often for Danish and Nordic companies. Typically, if you sell to enterprise customers, ISO 27001 is where to start. If you operate in a regulated sector, NIS2 or DORA may be the priority. I've also delivered projects under SOC 2, CIS Controls, NIST CSF, CMMC (up to Level 3), ISAE 3402, ISO 9001, and a broader range of ISO 27000-series standards. If your certification path isn't listed, ask — chances are I've touched it. I work out the right starting point in the scoping call.

My primary focus is growing companies with 40-250 employees, mostly Danish B2B SaaS and regulated mid-market. That's the sweet spot where IT, security, and AI problems are real but a full-time hire doesn't make sense yet. My career track spans growing companies through enterprise scale, so I bring enterprise-grade discipline to smaller companies at a non-full-time price.

Readiness assessments are fixed-fee and published: ISO/SOC 2 Readiness 25-35K DKK, Cloud Cost Review 25/50/100K DKK tiered by your cloud spend (with a 2x-savings-or-refund guarantee), Customer AI Readiness 25-30K DKK (45K for the Questionnaire-Unlock variant). Execution Sprints from 50K DKK, scoped to outcomes. Retainer pricing is scoped to your specific problem set and agreed in the scoping call. Every engagement is fixed-fee or agreed-scope, no hourly billing surprises.

Yes, and that's the point. You get continuity, no handoffs, no revolving door of consultants. The same person who scoped the work executes it. You build a relationship with one person who knows your business deeply. That's a feature, not a limitation.

No team rotation, no junior handoffs, fixed pricing. You know exactly who does the work before you sign anything. Large consultancies often quote six figures, take 3-6 months, and rotate junior people through your engagement. I scope it, plan it, execute it myself.

That's the goal. I build processes and documentation your team can maintain. When you're ready for a full-time hire, I help you write the job spec, evaluate candidates, and handle the transition.

Execution Sprints are available for exactly this. If a specific project needs concentrated effort beyond the retainer hours (certification prep, NIS2 implementation, AI governance rollout), we scope a sprint from 50,000 DKK prepaid, with clear deliverables and timeline. No ambiguity about what you're paying for.

My primary focus is Denmark, but I work across the Nordics and EEA. My career track includes engagements in the UK, EU, and Nordics across 9 industries. The frameworks and principles are the same. If you're outside Denmark, let's have a conversation and see if there's a fit.

An assessment can typically start within 1-2 weeks of the scoping call. The scoping call itself is 30 minutes, free, and usually available within a few days. No long procurement cycles on my end.

30 minutes. We talk about your situation: what triggered the need, what you've tried, where the gaps are. I'll tell you whether I can help and what the right starting point is. If it's not a fit, I'll say so and point you somewhere that works.