
Learn how we can help you
Inge Vandijck.


Just like a beehive, every organization is stronger when people, knowledge, and purpose connect.
With the right structure and collaboration, even the biggest challenges become opportunities for resilience and sustainable impact.
We help you achieve this through advisory, training, coaching, and smart tech—always with a systems thinking approach.
Our Advisory
We deliver sharp risk advice, expert professionals on demand, practical training, in-depth assessments, and clear reporting.
(01)
Purpose: Provide executive-level cybersecurity leadership without the overhead of a full-time hire, ensuring compliance, resilience, and board-level confidence.
How we work:
Design a cybersecurity strategy aligned with NIS2 and ISO 27001.
Oversee supplier and third-party risks.
Build and test incident response playbooks.
Translate technical issues into clear insights for boards and regulators.
CISO As-a-Service

(02)
Purpose: Help organisations embed risk intelligence at the executive level, turning risk into a driver of strategy and resilience.
How we work:
Govern and maintain the enterprise risk framework.
Link risk appetite directly to strategy and performance.
Lead scenario planning and run risk committees.
Provide integrated reporting that connects operations with leadership.
CRO As-a-Service

(03)
Purpose: Deliver sustainability leadership on demand, ensuring compliance with ESG and CSRD while creating long-term stakeholder value.
How we work:
Shape and maintain ESG strategy and roadmap.
Conduct double materiality assessments and KPI design.
Lead sustainability reporting aligned with CSRD/ESRS.
Embed climate and social risks into enterprise models.
CSO As-a-Service

(04)
Purpose: Establish a single, trusted source of truth for risk, compliance, and resilience language across the organisation.
How we work:
Develop a glossary aligned with ISO standards and regulations.
Update terminology as new frameworks and laws evolve.
Embed the glossary into policies, governance, and training.
Ensure consistent language across teams and leadership.
Maintain Glossary

(05)
Purpose: Keep organisations ahead of shifting regulatory landscapes with a clear, actionable register of obligations.
How we work:
Monitor EU and national regulatory updates.
Capture obligations in a structured register.
Provide concise impact notes and timelines.
Deliver regular board-ready compliance updates.
Maintain Register Regulations

(06)
Purpose: Ensure organisations are audit-ready, compliant, and continuously improving their resilience posture.
How we work:
Prepare tailored audit frameworks aligned with ISO standards.
Run pre-audit rehearsals and independent maturity checks.
Support evidence collection and corrective actions.
Turn audits into opportunities for improvement, not just obligations.
Audit

Our Academy
We deliver practical risk training led by experts, so you can manage risks with confidence.
(01)
Purpose: Introduce professionals to the principles and tools of enterprise risk management aligned with ISO 31000.
How we work:
Teach governance, principles, and the core process.
Explore key tools such as bow-tie analysis and risk registers.
Use real-world case studies for applied learning.
Provide certification pathways and assessments.
ISO 31000 Training – Foundations

(02)
Purpose: Enable participants to design and roll out a practical ISO 31000-aligned framework inside their organisation.
How we work:
Guide the design of frameworks, policies, and governance.
Facilitate implementation labs using live challenges.
Provide structured feedback on draft frameworks.
Support participants in producing rollout-ready plans.
ISO 31000 Training – Implementer

(03)
Purpose: Build the skills to design, implement, and maintain a Business Continuity Management System (BCMS) aligned with ISO 22301.
How we work:
Teach continuity principles, risk assessment, and BIA.
Develop crisis management playbooks.
Run simulations and recovery drills.
Link continuity to compliance with regulations like NIS2 and DORA.
ISO 22301 Training (Business Continuity Management)

(04)
Purpose: Equip professionals with the knowledge to design, implement, and maintain an Information Security Management System (ISMS).
How we work:
Explore ISMS scope, requirements, and Annex A controls.
Train on evidence preparation for audits.
Run practical labs on incidents and supplier security.
Build the foundation for certification readiness.
ISO 27001 Training (Information Security Management)

Our Practice
We provide expert risk coaching for individuals and teams, offering tailored guidance to build confidence and strengthen decision-making.
(01)
Purpose: Equip leaders and teams to take ownership of sustainability reporting in line with CSRD and ESRS requirements.
How we work:
Guide teams through double materiality analysis.
Coach reporting framework design and KPI development.
Support ESG data collection across the value chain.
Review draft reports for clarity, compliance, and impact.
Sustainability Reporting

(02)
Purpose: Build leadership confidence in justifying and prioritising security investments by linking them directly to business value.
How we work:
Facilitate workshops to evaluate security investments.
Develop models connecting costs to avoided risks.
Train teams to frame security ROI in board-level language.
Enable repeatable use of the ROSI method in decision-making.
ROSI (Return on Security Investment)

What does Bright Phoenix do, exactly?
Who do you work with?
What makes your approach different?
How do we get started?
How do you define “sustainable risk management”?


