ADVISORY SERVICES
Tailored to your organization’s real needs
Through our ongoing advisory support, we provide flexible and responsive expert assistance in the areas of information security, cybersecurity, and sector-specific regulatory compliance.
Advisory support tailored to your situation
Not every project requires full-scale engagement. Sometimes it’s a single critical question, a focused analysis, a rapid expert opinion, or a precisely formulated position in response to evolving legal, technological, or regulatory landscapes.
Our ongoing advisory services include:
- interpreting the requirements of standards and regulations (e.g. ISO 27001, ISO 22301, NIS2, DORA, GDPR)
- preparing and reviewing normative documentation (policies, procedures, guidelines)
- analyzing vendor relationships (including compliance assessments and audit questionnaires)
- supporting information security incident response (including forensic analysis)
- developing compliance tools (e.g. compliance matrices, oversight frameworks, business continuity plans)
We support security and compliance teams, executive leadership, and operational units alike — delivering actionable insights and ready-to-implement solutions.
Legal support? CORE Law.
For all legal matters, we collaborate with the law firm CORE Law Grzybowski & Pilc, a member of the CORE Group. The firm specializes in technology law, data protection, and cybersecurity, ensuring our clients benefit from a cohesive, end-to-end approach — especially where legal and technological domains intersect.
This collaboration enables us to provide end-to-end support in areas such as:
- Reviewing and advising on ICT service provider agreements
- Assessing product and service compliance with DORA and NIS2 requirements
- Drafting and negotiating contractual clauses related to information security
- Preparing formal submissions to supervisory authorities and CSIRTs
- Supporting post-incident response and remediation efforts
Examples of recent engagements:
- Determining whether an organization falls within the scope of NIS2 or DORA
- Classifying a product as an ICT service for a financial institution (under DORA)
- Developing a list of required policies and procedures for a NIS2-covered entity
- Preparing a vendor assessment questionnaire aligned with GDPR and NIS2 requirements
- Acting as the designated point of contact with CSIRT NASK
- Conducting forensic analysis of a ransomware incident, including root cause and impact assessment
- Providing ongoing legal and regulatory advisory to IT and compliance teams