GRC · IT Audit · Risk Management · InfoSec

Your business stays compliant — without a separate lawyer and IT consultant

Legal expertise and IT competence in one person. GRC partner for IT audits, risk management and regulatory compliance (ISO 27001, NIS2, GDPR, E-ITS).

Google Partner
ISACA
PECB ISO 27001 Lead Auditor
(ISC)2
Microsoft Certified
CompTIA Security+
Services

What we do

Practical GRC solutions for Estonian and international businesses — without the bureaucracy.

Risk management
Building and managing your GRC programme end to end. ISO 31000, COSO ERM, FAIR — applied, not theoretical.
Learn more →
IT audit and compliance
ISO 27001, NIS2, GDPR, E-ITS — we bring you into compliance on time. Certification is not the goal, security is.
Learn more →
Cybersecurity and threat analysis
Threat landscape mapping, gap analysis and incident readiness — before something goes wrong.
Learn more →
Training and awareness
Employees are the biggest security risk — not maliciously, but because nobody has trained them. We change that.
Learn more →
Google Workspace
Secure GWS deployment, administration and GDPR compliance. Google Cloud Partner since 2024.
Learn more →
View all services →
Who we are

Legal science meets IT competence

HoneyLake specialises in comprehensive management of legal and information security risks. We bring together legal expertise and top-tier IT competence — in one specialist.

We help companies and public institutions build robust, practical, and compliant risk management systems. We work with internationally recognised frameworks, including: COSO ERM, ISO 31000 / ISO 27005, NIST RMF, FAIR, COBIT, OCTAVE.

We support you in aligning information systems with E-ITS requirements or the ISO 27001 standard, as well as implementing baseline security controls.

Our story →

We started this journey more than 20 years ago — across business landscapes in Estonia, Spain and the United Kingdom, where risk management has never been just filling in tables, but a matter of organisational survival.

Our lead is a University of Tartu Law graduate and certified IT auditor — a combination that is rare in the market. This means we see risks simultaneously from both the legal liability and technical implementation perspective.

We are active members of the ISACA Estonian Chapter community and keep our knowledge continuously at international level — with certifications from Google, Microsoft, CompTIA, ISC² and PECB.

We work in Estonian, English, Russian and Spanish — available wherever your business operates.

Our uniqueness

Why HoneyLake?

Our strength lies in the seamless integration of legal expertise and GRC.

01
Law + IT in one specialist
No need to hire a separate lawyer and IT consultant. Our expertise covers both domains — nothing gets "lost in translation".
See services →
02
Long-term partner
We come to stay — we understand your organisation's specifics and build a strong risk culture together.
How we work →
03
International experience
20+ years of ERM experience in Estonia, Spain and the UK. Serving clients in Estonia, the EU and internationally.
Our background →
04
We work in your language
Estonian, English, Russian and Spanish — available wherever your business operates. Serving clients across Estonia, the EU and internationally.
Get in touch →
Process

How we work

1

Consultation

Free 30-min call. We map the situation and answer your questions.

2

Analysis

We assess gaps, risks and obligations. You receive a written summary.

3

Solution

We build a prioritised action plan with deadlines and owners.

4

Implementation

We work alongside your team. Documents, training, controls.

5

Continuous support

Regular reviews, monitoring changes, always available.

Let's start working together?

Book a free 30-minute consultation on Google Meet and let's see how we can help your organisation.