ISO Systems, GDPR, and Compliance That Work in Practice
Through iQuality Services (iQS), I provide consulting for the design, documentation, implementation, and improvement of management systems based on international standards and regulatory requirements.
The work covers areas such as Quality Management Systems, Information Security Management, Supply Chain Security, Anti-Bribery, Food Safety, Business Continuity, and GDPR compliance under the European Union framework.
Over the years, I’ve seen the same situation come up again and again. Many organizations know they need stronger systems, clearer processes, or certification support, but they are not always sure where to begin or how to make everything work in practice.
This is usually where the real challenge starts.
A Practical Approach to ISO Systems, Not Just Documentation
I never approach this work as a paperwork exercise. The goal is not to produce documents for the sake of having documents. The goal is to build systems that make sense for your organization, support the way you actually operate, and help you move toward certification or compliance with clarity.
The focus is always the same. Build systems that work in reality, not just on paper.
Quality, security, and compliance have always mattered. Today, they matter even more. In a competitive environment, the real question is not whether these things are important. The real question is how to implement them in a way that is practical, sustainable, and aligned with your business.
That is where structured management systems come in. They help organizations create clarity, improve consistency, reduce risk, and build trust.
And the principle behind all of it stays simple.
Quality always pays off!
From there, the work can take different directions, depending on what your organization actually needs.
Areas of Consulting and Expertise
My consulting work covers a range of management systems and organizational needs, depending on where your business is today and where you want it to go next.
Training
Sometimes the first step is not implementation. It is understanding what kind of support your team actually needs. I help you identify the right path, whether that means awareness sessions, internal seminars, implementation support, or structured training designed to prepare your people for certification-level requirements.
Quality Management System
I support organizations in developing and implementing ISO 9001 Quality Management Systems that are ready for certification and built around how the business actually operates.
Information Security Management Systems
I help organizations design and implement ISO 27001 Information Security Management Systems that strengthen control, reduce exposure, and support a structured approach to information security.
European Union’s General Data Protection Regulation (GDPR)
I assist organizations in understanding, implementing, and managing GDPR requirements. The focus is always on practical compliance, internal accountability, and documentation that can stand up to scrutiny.
Supply Chain Security Management Systems
I help build ISO 28000 Supply Chain Security Management Systems for organizations that need stronger supply chain controls, better risk visibility, and readiness for certification.
Anti-Bribery Management Systems
I support the implementation of ISO 37001 Anti-Bribery Management Systems for organizations that want to strengthen governance, reduce exposure, and formalize ethical controls.
Food Safety Management System
I help organizations develop ISO 22000 Food Safety Management Systems that support both compliance and operational discipline.
Business Continuity Management System
I assist with the development of ISO 22301 Business Continuity Management Systems so organizations are better prepared to respond, recover, and continue operating when disruption happens.
Maintain and improve Certified Systems
Certification is not the end of the process. I also work with organizations that already hold certification and want to maintain, improve, or strengthen their management systems over time.
Updating Certified Management System Documentation
Standards evolve, and documentation needs to evolve with them. I help organizations update their management system documents so they remain aligned with revised requirements and current practices.
Security Consulting and Risk Advisory Services
In addition to management systems and compliance consulting, I also provide specialized security consulting services focused on real-world risk reduction, physical security, and operational resilience.
This part of my work is dedicated to helping organizations understand how security functions in practice, identify vulnerabilities, and implement solutions that are realistic, effective, and aligned with how their sites actually operate.
Security Consulting Services Romania – Practical, Independent, Vendor-Neutral
I provide specialized, unbiased security consulting services to organizations throughout Romania. My mission is simple: to help public authorities, critical infrastructure sectors, educational and healthcare institutions, and commercial organizations better understand their risks and make informed, defensible security decisions based on real-world data.
When we work together, you are not buying equipment or being pushed toward a specific solution. You are getting clarity. You are getting an honest assessment of what actually matters for your site.
Because I operate with complete vendor neutrality, every recommendation is driven by your needs, not by product sales. The goal is always the same: reduce risk in a practical, measurable way.
What I Do and How I Can Help You
Security is not about adding more systems. It is about understanding where you are exposed and fixing what actually matters.
My work focuses on helping you identify vulnerabilities early, improve existing controls, and make better decisions about security investments, whether that involves procedures, systems, or environmental changes.
I support organizations with risk assessments, CPTED advisory, security audits, policy development, and guidance on selecting the right technologies. Everything is tailored to how your site actually operates, not how it looks on paper.
Physical Security Consulting – Clear Decisions, Real Risk Reduction
I provide independent physical security consulting services across Romania and Europe, with over 30 years of industry experience.
My focus is on evaluating and improving video surveillance systems, access control, alarm monitoring, lighting, perimeter protection, and operational procedures. The objective is not complexity. It is clarity.
Whether you are responding to an incident, planning upgrades, or simply trying to understand where your real risks are, I help you prioritize what will actually reduce your exposure.
Independent Advice, Without a Sales Agenda
I do not sell equipment and I am not affiliated with any manufacturers or installers. That matters.
It means every recommendation you receive is based strictly on your site, your risks, and your operational needs. Nothing more, nothing less.
This gives you the confidence to implement solutions that are practical, compliant, and cost-effective.
A Practical and Structured Approach
Security consulting should not disrupt your operations or create unnecessary complexity. My approach is straightforward and designed to give you clear results without wasting time.
We start with a focused discussion to understand your objectives and constraints. Then I visit your site to see how things actually work, not just how they are described.
From there, I carry out a detailed assessment of your existing controls, looking at surveillance, access control, alarms, lighting, perimeter protection, and procedures.
What you receive is not theory. It is a clear, prioritized set of recommendations that you can act on immediately.
If needed, I can stay involved and support implementation, helping you review vendor proposals and ensuring everything is done correctly.
Why Work With Me
Experience matters in security. So does independence.
With over three decades of consulting experience, I bring both local understanding of Romania’s security environment and broader European exposure.
More importantly, I focus on your objectives, not generic solutions. Every recommendation is tailored to your organization, your risks, and your operational reality.
Security Audits and Risk Reviews
Having security in place does not mean you are secure.
What matters is whether your controls actually work, whether they are defensible, and whether they match how your site operates, especially outside normal hours.
I carry out structured physical security audits and risk reviews across Romania and Europe, with one goal: to give you an objective, vendor-neutral understanding of your current security posture.
What a Security Audit Really Looks At
An effective audit goes beyond checking boxes. It looks at how your systems and procedures perform in real conditions.
That means reviewing access control and key management, evaluating surveillance coverage and blind spots, assessing perimeter integrity, and understanding how lighting impacts risk after hours.
It also means testing how alarms function, how incidents are handled, and whether teams actually work together or operate in silos.
From Findings to Action
The outcome of an audit is not a long theoretical document.
You receive a clear breakdown of risks, where controls fail, and what needs to be addressed first. The focus is always on practical improvements, quick wins, and a structured path forward.
Where required, I align risk reviews with ISO 31000:2018 principles, especially for organizations that need structured reporting, governance alignment, or decision-making support.
Security Policies and Procedures Advisory
A security procedure that cannot be followed in real life will fail when it matters most.
Many organizations have policies that look good on paper but do not reflect how their site actually operates. When something goes wrong, people improvise.
My role is to make sure that does not happen.
Making Procedures Work in Reality
I help organizations develop practical, usable Standard Operating Procedures and incident response protocols that people can actually follow under pressure.
This starts with understanding how your site functions, including staffing levels, shift patterns, and after-hours response capabilities.
If you already have procedures, I review them critically. Are they realistic? Do escalation paths work? Do roles reflect reality?
From Gaps to Clear, Usable Procedures
Once gaps are identified, I redesign or refine procedures so they are clear, concise, and aligned with your operational reality.
I also support rollout, helping your team understand exactly what to do, when to act, and who is responsible.
Security is not static, so I also help you build processes for continuous improvement, ensuring your procedures evolve as your risks and operations change.
Security Management Plans – From Documents to Daily Practice
A security management plan should not sit on a shelf. It should guide daily decisions.
I develop practical, vendor-neutral security management plans that align with your real risks and operational needs.
What a Security Management Plan Actually Does
At its core, a security management plan defines how security is managed, who is responsible, and how incidents are handled.
It clarifies roles, identifies risks, sets operational controls, and establishes clear response processes.
It also ensures your organization has a structure for training, testing, and continuous improvement.
When You Need a Structured Plan
Organizations typically need this when they expand, face recurring incidents, upgrade systems, or manage multiple sites.
It is also essential when responsibilities are unclear, when compliance requirements increase, or when consistency across locations becomes necessary.
What You Actually Receive
You receive a clear, structured plan that includes governance, risk overview, operational procedures, incident response frameworks, and compliance expectations.
Everything is designed to be used, not just documented.
CPTED Advisory Services – Safer Environments by Design
I provide independent CPTED advisory services for organizations that want to improve safety, reduce crime opportunities, and create environments that people feel confident using.
What CPTED Really Means
CPTED, or Crime Prevention Through Environmental Design, is about how spaces influence behavior.
The way a place is designed affects visibility, movement, ownership, and how likely it is that inappropriate behavior goes unnoticed.
Good CPTED is not about adding more security. It is about designing environments that naturally discourage misuse and support safe, legitimate use.
Why CPTED Matters in Practice
Poor visibility, hidden areas, unclear access routes, and underused spaces all increase risk.
A well-executed CPTED assessment improves visibility, reduces blind spots, supports natural surveillance, and makes spaces safer, especially after hours.
A Practical, Site-Based CPTED Approach
Every site is different.
My work is based on understanding how your space is actually used, identifying real vulnerabilities, and providing clear, defensible recommendations.
These are aligned with recognized standards such as ISO 22341:2021 and ISO 31000:2018, but always adapted to your specific context.
Let’s Talk About Your Site
If you are dealing with safety concerns, planning a new development, or simply want to better understand your risks, we can start with a simple conversation.
No pressure, no sales agenda. Just a clear discussion about your site, your concerns, and what practical steps might make a real difference.
Let’s Talk About What Makes Sense for Your Organization
If you are thinking about certification, updating an existing system, or building a clearer path toward compliance, feel free to get in touch.
I’m always happy to start with a conversation and help you understand what makes the most sense for your organization.