About ITGRC Advisory Ltd. | Leading SOC 2 Compliance Experts in the UK

About us

ITGRC Advisory Ltd, headquartered in the UK with offices in Poland and the UAE, is a leader in technology, information security, and GRC&Audit. Our experienced 10-person team delivers detailed audits and manages reputational risks, especially in regulated markets.

We provide comprehensive SOC 1, SOC 2, SOC 3, and other SOC audits across sectors such as finance, energy, and ICT, focusing on robust internal controls. Our services extend to IT and security audits, GRC system integration, and business failure analysis, offering insights into potential risks. We also specialize in international compliance and cybersecurity standards.

With a proven track record of sophisticated projects for both private and public sectors, including high-profile institutions and critical installations, ITGRC Advisory Ltd is dedicated to ensuring client success through top-tier expertise in technology, security, and compliance.

Leaders

Sebastian Burgemejster

Sebastian, an expert with over 15 years of experience in internal and external auditing, specializes in managing the areas of the second and third lines of assurance. His experience encompasses the implementation, consulting, and auditing of information security, IT service, risk, and quality management systems in international organizations from the USA, EU, UK, and Australia.

As a proponent of the integrated GRC philosophy and new technologies, Sebastian actively engages in the industry environment. He is a co-founder of the Antifragility Institute in Chicago, former president of IIA Poland, and a member of prestigious organizations such as AICPA, IIA, ISSA, ISACA, and OCEG. Currently, he serves as an independent member of the Audit Committee of the Ministry of Foreign Affairs and participates in cybersecurity working groups at the Ministry of Digital Affairs.

Sebastian holds an impressive array of international professional certifications, including CISA, CISM, CRISC, CDPSE, CCAK, and many others in the fields of audit, information security, and risk management. He is also an accredited ISACA trainer, underscoring his commitment to development and education in the industry.

Piotr Welenc

Piotr Welenc is a recognized expert with over 25 years of experience in the IT industry and in internal and external auditing. His career spans work for leading financial and legal institutions in Poland and Europe. He specializes in internal and IT auditing, with extensive knowledge in risk management, process optimization, corporate and IT governance, and compliance, including with the Sarbanes-Oxley Act. He has held key roles in publicly traded companies, providing advice on GRC and ESG matters.

As an innovator, Piotr has contributed to the development of IT systems supporting GRC processes in publicly traded companies and healthcare institutions. He is a co-creator of a pioneering GRC-class system in Poland, which digitalized corporate processes. His commitment to education is evident in his lecturing on postgraduate studies in internal auditing, IT, and risk management, as well as his active participation in cybersecurity working groups at the Ministry of Digital Affairs.

Piotr is also a co-founder of the Antifragility Institute in Chicago, promoting innovation and organizational resilience. His competencies are confirmed by numerous international certifications, including MBA, CISA, CICA, CGEIT, CRISC, CDPSE, and many others. As an accredited ISACA trainer, Piotr continuously contributes to professional development in the industry, sharing his extensive knowledge and experience.

Our team

Marzena
Staniszewska

Marzena Staniszewska is an experienced internal auditor and trainer with a 37-year career in public sector units, including 20 years in ministries. She has managed internal audit offices, served on the Audit Committee, and was the Chief Audit Executive in the Ministry of Defence. Marzena also consults for financial institutions and specializes in audit, ethics, quality, and trust in the internal audit profession. Her extensive work with the Institute of Internal Auditors (IIA) Poland highlights her deep knowledge and professional experience.

Ewelina
Zielska

Ewelina Zielska is an information security specialist and experienced Data Protection Officer. With a law degree from the University of Warsaw and postgraduate studies in data protection, she has audited information security, business continuity, and third-party management in the financial sector, and supported SOC2 audits.

As a lead auditor for ISO 27001 and ISO 9001, Ewelina has ensured compliance with data protection requirements and managed information security risks. Her expertise in ISO standards enables her to conduct effective audits and compliance assessments. Ewelina's teamwork skills and membership in SABI underscore her commitment to professional development and strengthening data protection in organizations.

Mariusz
Sujka

Mariusz Sujka, a certified internal auditor (CRMA, CGAP) with over 20 years of experience, specializes in auditing, risk management, and internal control. With a law background, he has managed audit teams, coordinated over 100 projects, and worked in finance, procurement, information security, compliance, HR, and fraud prevention.

He has evaluated internal audits for banks, developed control and risk management procedures, and led training sessions. Certified in ISO 31000, ISO 27001, and ISO 37001, Mariusz collaborates with the IIA Global Standards Council and excels in audit methodologies and planning. His expertise and leadership strengthen organizational audit functions.

Maciej
Jędrzejewski, PhD

Maciej Jędrzejewski, PhD, is a cybersecurity expert with a doctorate in Security Sciences from the Pedagogical University of Krakow. He holds certifications like Certified Ethical Hacker (CEH) and Lead Auditor for ISO 27001, ISO 22301, and ISO 20000.

Maciej has managed security projects, conducted penetration tests, risk analyses, and audits across various sectors. He developed security policies, ensured compliance with international standards, and created a Security Operations Center (SOC) for a Polish military production group. His expertise in system administration, risk management, and high-security environments makes him a key asset in enhancing organizational security and compliance.

Miłosz
Jaworski

Miłosz Jaworski is an IT security expert and Solution Architect specializing in network and security architecture. He designs and implements tailored security solutions, leveraging his deep understanding of network solutions and IT system security.

Miłosz holds numerous certifications, including Check Point Certified Harmony Endpoint Specialist (CCES), CompTIA Advanced Security Practitioner (CASP+), and CompTIA Network Vulnerability Assessment Professional (CNVP). He is also certified in PenTest+, CISSO, CPEH, CPTE, CSWAE, and CVA.

An accomplished author and trainer, Miłosz shares his knowledge through publications and instructional videos. His expertise in IT security and ethical hacking makes him a key contributor to securing network infrastructures and educating the cybersecurity community.

Iwona
Krzaczek

Iwona Krzaczek is an internal auditor with international certification (CIA No. 111981) and qualifications as a chief accountant. With over 13 years of experience, she specializes in auditing local government units, government administration, hospitals, and enterprises, focusing on EU and national fund expenditures.

Her expertise includes Regional Operational Programs (RPO), Human Capital Operational Program (POKL), Knowledge Education Development Operational Program (POWER), and Smart Growth Operational Program (POIR). Iwona excels in internal control systems and process improvement.

She has held key roles at the Marshal's Office of the Lublin Voivodeship and collaborated with Ernst & Young Business Advisory. Iwona's education includes postgraduate studies in internal audit, financial control, accounting, finance, and a master's degree in sociology. Her extensive experience ensures effective management and compliance within organizations.

Maciej
Sztejter

Maciej Sztejter is the UK Business Development Director, known for his success across various industries. He holds multiple Cisco certifications, highlighting his expertise in networking and IT solutions.

With an academic background in archaeology, Maciej has diverse interests, including fantasy, martial arts, and historical reenactments. This unique blend of technical skills and personal hobbies makes him a dynamic leader in his field.

Jan
Sroka

Jan Sroka is a junior audit specialist with experience in SOC2 audits and ISO 27001 and ISO 9001 implementation projects. He is currently studying Economics and Finance in English at the University of Warsaw. Jan has completed IT audit training, enhancing his expertise in the field. His educational background, practical experience, and specialized training make him a skilled professional in auditing and compliance. Jan's focus on SOC2 and ISO standards underscores his commitment to high-quality and secure business processes.

Katarzyna
Celińska

Katarzyna Celińska is an accomplished Marketing, PR, and Office Manager with extensive experience in marketing, public relations, and social media management. She has worked as the Marketing and PR Manager for IIA Poland, where she also edited the IIA Poland Magazine. Previously, she served as a Senior Specialist in the Press Office at the Ministry of Environment.

Katarzyna excels in developing and executing marketing strategies, managing PR campaigns, and overseeing office operations, making her a versatile professional adept at enhancing organizational communication and outreach efforts.

Stay in touch

office@itgrcadvisory.com

ITGRC ADVISORY LTD.

590 Kingston Road, London,

United Kingdom, SW20 8DN

company number: 12435469