Nick Sotiroglou
Services

Compliance support built for real operating pressure.

Practical help for audits, controls, documentation, and delivery support when your internal team is stretched.

Talk through your needs
Offers

What I sell, when to bring me in, and what you get.

Each offer is scoped around the work that tends to create the most drag during audit prep and ongoing compliance delivery.

Audit Readiness & Audit Support

Best for
Teams preparing for SOC 2, ISO 27001, PCI-DSS, or similar audits with fixed deadlines.
Typical scope
Evidence organization, request tracking, owner follow-up, and auditor coordination.
Result
Smoother audit cycles, cleaner evidence handling, and fewer last-minute scrambles.

Compliance Program Operations

Best for
Teams with recurring compliance work that has become too manual, inconsistent, or hard to own.
Typical scope
Ownership mapping, workflow cleanup, recurring operating cadence, and follow-through support.
Result
Less drift, clearer responsibility, and steadier execution between audit cycles.

Policy & Control Design

Best for
Teams whose policies and controls are bloated, generic, or disconnected from reality.
Typical scope
Policy drafting, control language, operational alignment, and evidence-friendly documentation.
Result
Documentation that supports both the business and the audit.

Gap Assessments & Remediation Planning

Best for
Teams with too many open issues and no practical priority order for cleanup.
Typical scope
Current-state review, gap analysis, and remediation planning tied to risk and business impact.
Result
A focused cleanup plan with clear next steps instead of scattered findings.

Overflow Support for Firms

Best for
vCISO firms, audit firms, and consultancies that need extra delivery capacity during busy cycles.
Typical scope
Contract support, evidence coordination, remediation follow-through, documentation, and client updates.
Result
More throughput without adding permanent headcount.
See overflow support
Engagement models

Flexible support based on how much ownership you need.

Some teams need a contained project. Others need embedded help or overflow delivery during busy quarters.

Project-based

Best for audit prep, gap assessments, remediation planning, and focused documentation work.

Embedded contract support

Best when you need steady execution help across compliance operations, evidence handling, and owner follow-through.

Overflow support for firms

Best for vCISO firms, audit firms, and consultancies that need experienced delivery support during busy periods.

Need audit support, program cleanup, or extra delivery capacity?

I can step into the work that is blocking progress and help get it back under control.

Start the conversation