Information Security

We help your business ensure compliance and strengthen resilience against digital threats, so you maintain continuity in the event of unwanted incidents.

Svein Waage

Partner / Security

+47 932 23 115
svein.waage@gritera.com

Information security is not just a necessity – it’s a foundation for trust and growth.
At Gritera Security, we help organizations turn security into a strategic asset.

Our advisors are among Norway’s most experienced in the field of information security. We have worked both operationally and strategically, and have hands-on experience from complex projects across the public and private sectors. This combination gives us a deep understanding of the requirements and challenges organizations face — and the practical insight needed to make security efforts work in the real world. We tailor our approach to each organization’s goals, risk profile, and maturity.

Our philosophy is simple: information security should enable the business, not hinder it. We help establish governance, risk management, preparedness, technical controls, and competence that create structure, confidence, and lasting value.

We offer services within:

Governance, Risk & Compliance (GRC)

We help you establish structure and overview across your security landscape — because informed decisions, effective risk reduction, and stakeholder trust all depend on it. Without a clear framework, many organizations lose control of responsibilities, priorities, and progress in their security work.

Through the implementation of management systems, risk management practices, and compliance with standards such as ISO 27001, DORA, and NIS2, we help you build a solid foundation for security governance. Our advisors ensure that security is anchored in leadership, integrated into business processes, and becomes a natural part of everyday operations.

The result is better decision-making, demonstrable compliance, and genuine confidence — not just on paper, but in practice. You gain clarity, direction, and a level of security that supports your business goals and builds trust both internally and externally.

With our “CISO for hire” service, you also gain access to experienced security leaders who can develop and drive security strategies, manage risk, and ensure continuous improvement and compliance.

Typical Deliverables:
• Establishment of management systems (ISO 27001, 27701, 42001)
• Risk management and assessment (ISO 27005, 31000, BIA)
• Organization of security governance structures
• GAP and maturity assessments
• Vendor follow-up and third-party audits
• CISO for hire and strategic advisory for executives and boards

Preparedness and Continuity

When the unexpected happens, preparation is what provides direction, confidence, and the ability to act. We help you make preparedness and business continuity an integral part of your management framework — so your organization can remain resilient, even in times of crisis.

We work closely with you to build preparedness that truly works — from clear roles and decision support to realistic exercises and digital tools that bring structure and calm to everyday operations.

Our principle is straightforward: plans must work in practice. That’s why we combine extensive experience in crisis management and societal security with recognized standards such as ISO 22301. We create frameworks that help protect people, assets, and reputation — while maintaining operations, even when the unexpected occurs.

Typical Deliverables:
• Business continuity strategy and planning
• Business Impact Analysis (BIA)
• Risk and vulnerability assessments (RVA) and risk-based planning
• Crisis training and tabletop exercises
• Documentation and support for audits and inspections

Identity & Access Management (IAM)

The right person, the right access, at the right time — critical for both efficiency and security.
We help you assess options and build a solid IAM strategy and architecture that balances efficiency, security, and user experience.

With experience from numerous solutions — including Entra ID, Omada, and One Identity — we assist with everything from maturity assessments and requirements specifications to implementation and operations.

Typical Deliverables:
• IAM strategy and roadmap
• Training, awareness, and internal communication on IAM
• Technology selection and integration architecture
• Requirements specification for IGA, PAM, and Access Management
• Zero Trust models and role architecture

Technical Security

We ensure your security measures work — in practice, under pressure, and when it truly matters.
Our advisors combine deep technical expertise with operational experience from complex IT and OT environments.

Through security architecture, Red Teaming, and SOC development, we help you withstand both today’s and tomorrow’s threats.

Typical Deliverables:
• Security architecture and technical hardening
• Red Teaming, vulnerability assessments, and physical security
• SOC and SIEM implementation and improvement
• OT security and advisory (IEC 62443)

Competence Development

True security begins with knowledge.
We help organizations build a strong security culture and increase competence at all levels — from employees to the board.

As partners with PECB and OffSec, and with our own instructors from Norwegian universities, we offer both certification courses and customized training programs that make security understandable and relevant.

Typical Deliverables:
• Awareness programs and leadership training
• Certification courses (ISO 27001, DORA, NIS2)
• Tailored courses and workshops
• Researchers, lecturers, and mentors available for hire

Build your expertise with us

We offer individual courses through PECB, giving you the opportunity to achieve your ISO certifications. We provide you with the necessary tools and flexible learning options, including self-study and e-learning, to achieve your goals.