top of page

About us

The ITGRC Advisory LTD company was established on the initiative of two experienced, certified auditors and managers Sebastian Burgemejster and Piotr Welenc. For over a dozen years, both of them have been successfully implementing sophisticated projects in key private and public sector institutions responsible for broadly understood state security. At the same time, the passion to share their experiences and knowledge-pushed them towards education, lecturing, training, and workshops. The joy of teaching has always been with them for over 20 years. As one of the first in Poland, we have international CDPSE certificates in the field of privacy, protection, and personal data.

Sebastian and Piotr are experts in their fields, have one of the highest qualifications supported by international certificates, and have a unique and distinctive experience, among others:

  • worked for the Polish Air Navigation Services Agency;

  • worked for the National Bank of Poland;

  • worked for the Polish Financial Supervision Authority as trainers;

  • performed audits of the European Central Bank;

  • implementing IT and security procedures in accordance with the ISRS standard (used for highest-risk installations, i.e. nuclear power plants);

  • implementing of service, IT, and safety procedures for the Boening 787 Dreamliner aircraft.

They support their clients at all stages of building an effective and secure business.


Through our knowledge to your value.

Our values

quality, professionalism, ethics, trust

Our competences

Our team has unique professional experience, knowledge, skills, and competences have been supported by Polish and international qualifications, such as:


  • Certified Information Security Manager (CISM)

  • Certified Information Systems Auditor (CISA)

  • Certified in Risk and Information Systems Control (CRISC)

  • Certification in Control Self-Assessment (CCSA)

  • Certified Internal Auditor (CIA)

  • Certified Government Auditing Professional (CGAP)

  • Certification in Risk Management Assurance (CRMA)

  • Cybersecurity Nexus (CSX)

  • Approved Compliance Expert (ACE)

  • Approved Compliance Officer (ACO)

  • COSO Internal Control

  • Accreditation in Internal Quality Assessment/Validation

  • Lead Auditor ISO 9001

  • Lead Auditor ISO/IEC 20000

  • Lead Auditor ISO 22301

  • Lead Auditor ISO/IEC 27001

  • Internal Auditor ISO 28000

  • ITIL - Foundation Certificate in IT Management

  • Security clearance

  • Prince2 Foundation / Prince2 Practitioner

  • TOGAF 8 Certified

  • Advanced SOC for Service Organizations

  • AICPA Certified public accountant (CPA) 


We work with major international and national organizations and institutes:


  • Information Systems Audit and Control Association (ISACA)

  • The Institute of Internal Auditors (IIA)

  • Association of the Institute of Computer Investigation


One of our companies is the ISACA-accredited organization to conduct training for products and services provided by ISACA in the EMEA. We demonstrate over 12 years of experience in the areas of IT audit, security, risk management, and IT Governance. ITGRC Advisory has taken up the challenge of spreading and developing knowledge in the field of broadly understood IT and security.

bottom of page