Dimension scores are derived from public data and fields and are weighted into the composite score. Reference only.
Jan Andraščík is an independent cybersecurity consultant based in Prague, Czech Republic. According to the website, he primarily helps financial institutions, public-sector organizations, fintech companies, and technology businesses improve cyber resilience and meet compliance requirements such as ISO 27001, NIS2, and DORA. This is not a standardized security product; the offering is centered on consulting, assessments, roadmaps, audit readiness, training, and project delivery.
In terms of coverage, the service leans toward GRC and security governance, while also extending into security architecture and operations. For ISMS work, it includes ISO 27001 management system design, implementation, gap analysis, audit preparation, and internal audits. For risk governance, it covers ICT/InfoSec risk management, reporting, security policies, governance frameworks, and third-party risk management. On the operational side, it includes SOC/CSIRT processes, staffing and tooling planning, as well as vulnerability management and hardening. For resilience, it covers BIA, RTO/RPO, recovery scenarios, DR/BC testing, and incident communications. His personal certifications include CISA, CISM, CRISC, CISSP, and CDPSE, which provide strong professional credibility.
The site does not specify a concrete deployment model. A reasonable interpretation is that this is project-based consulting delivery, potentially involving assessments, design, training, or audit preparation depending on client needs. It mentions SOC/CSIRT tooling, risk reporting, and vulnerability management, but does not disclose specific platforms, APIs, SIEM/SOAR/EDR integrations, or alerting mechanisms. As a result, it is better suited as a planning and governance advisor than as a direct replacement for a managed detection and response platform.
The website does not disclose pricing models, rates, packages, or project timelines, so it is not possible to assess the entry cost. Since this is an independent consultant, he may theoretically be more flexible than large consulting firms for small and mid-sized compliance projects, gap assessments, or targeted roadmaps, but this would need to be confirmed based on the actual quote and delivery scope.
The main advantages are a clear compliance focus, coverage of ISO 27001, NIS2, and DORA, and a scope that also includes risk, architecture, SOC/CSIRT, and BCP/DRP. It is a good fit for European financial institutions, public-sector bodies, and technology organizations facing significant regulatory pressure. The drawbacks are the lack of published case studies, pricing, team size, SLA, and tooling ecosystem information. As an independent consultant, resources may be limited for large multinational projects or 24/7 managed support.
The article does not provide information about access from China, so domain connectivity and payment methods would need to be tested and confirmed. If Chinese companies need support for MLPS, critical information infrastructure protection, the Data Security Law, or local audit requirements, domestic security consulting firms should be considered first. For EU-related business, NIS2, or DORA compliance, he can be considered as a potential European compliance advisor.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the official janandrascik.eu site.
janandrascik.eu is a security provider based in Czechia. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable.