Home

A carelessly planned project takes three times longer to complete than expected;
a carefully planned project takes only twice as long.
-Golub's Law
HOME ABOUT US MANAGEMENT CONSULTING T&P ACADEMY ENERGY MANAGEMENT IT GOVERNANCE PROJECTS NEWS

» T&P Overview

» T&P LinkedIn

» Key consultants

» IQISMS

» EU funded projects

» E-library

» Photo gallery


     IT Governance CoE
     PROJECTS

IT Governance projects

Name of the project Short description Financer / Client Realization
IT audit in KB First Pension Fund

The scope of the IT audit includes:

  • Workflows related to the information settings
  • Linkage of the systems for managing the mandatory and voluntary pension fund
  • Compliance of the applications within the current data protection regulation
    Reserve location
  • Ensuring security of the portal and the web page (Penetration testing using the black box pentest methodology)
Identifying possibilities for misuse of information settings and software applications

KB First Pension Fund

November 2016
GIRDA – Gameplay for inspiring digital adoption

GIRDA – Gameplay for inspiring digital adoption

Erasmus+ programme – Key action: Cooperation for innovation and the exchange of good practices


The project will address the problem of encouraging and nurturing digital take-up amongst older citizens who have not previously had access to digital technology.  The project approach will use touch-table games to introduce individuals (who have reached an advanced stage in their lives without learning to use any digital technology)  to digital interaction that provides confidence motivation and skills that can subsequently support exploratory-based learning of other digital technologies.  The approach will be to pilot and validate a new approach to learning digital skills that targets affective barriers to technology adoption as well as the cognitive and physical process of learning and skill acquisition.

EC - Erasmus + programme

November 2016 – September 2020
Development of new system for SEZK - electronic signing

Development of technical specification for the new SEZK.
Deliverables:

  • analysis of the current system for electronic health cards
  • development of cost-benefit analysis for new options
  • development of technical specification for the new centralized cloud signing system
  • development of tender documents
assistance in procurement process
FZOM April - December 2016
ITIL and SCRUM training Development and delivery of ITIL and SCRUM trainings for IT professionals from ICT and Banking sector.  2 days of training with interactive exercises and case studies. AITA October 2015
Consulting support for the innovation management process in iDex - eel.me

The main objective of this project was supporting iDex for the venture financed by the Macedonian Fund for innovations and technical development – eell.me: an online platform for inside navigation and location-specific content provision.
Activities include:

  • Facilitation of a strategic workshop to define an innovative solution and establish a common understanding of the project team
  • Support the presentation and presenting innovative solutions to investors
    Support in project management, monitoring and reporting to investor
  • Analysis of the legal and security elements of the platform
    Implementation of legal requirements for privacy: Privacy impact assessment and Privacy by design
Preparation for further commercialization
Fund for Innovation and Technology Development/iDex September 2015-September 2016
Implementation of Information security management system based on ISO27001 in iVote The objective of this project was implementation of Information security management system based on ISO27001 in iVote.

The project was realized through the following activities: introduction to ISO27001 training; risk assessment and internal audit training, risk assessment, documenting the information security management system, internal audit and preparing the company for certification by an independent certification body.
iVote May-August 2015
Project evaluation and IT audit for  the Information System for Automation of the Process of Issuing Seismic Conditions in the Construction of Facilities (ISTE)

The project activities included defining a methodology for performing the IT audit and conducting audit of the Information System for Automation of the Process of Issuing Seismic Conditions in the Construction of Facilities delivered by third party.
Deliverables
-Methodology for Auditing the Information System
- Report on Auditing of the Information System for Automation of the Process of Issuing Seismic Conditions in the Construction of Facilities

SIPU May - July 2014
REG - Identification of IT quality standards and certifications

The project activities included conducting two surveys to identify the key IT industry standards and certificates that have impact on the quality of processes and productivity on companies operating in the ICT sector. The first survey was conducted through interviews in the target markets (United Kingdom + Ireland, Scandinavian countries, the Netherlands, Germany, United States, Turkey and Middle East). The second survey was conducted through online questionnaires in the region (Albania, Bosnia and Herzegovina, Kosovo, Macedonia and Serbia). Consequently, based on the two surveys, the greatest gaps in certifications that are yet to be obtained by regional companies were identified, so their competitiveness on the target markets could be significantly increased with such certificates.

Activities included: Identifying the current trends in the IT industry standards, models and certification schemes required in the target market of United Kingdom and Ireland through interviews with representatives from relevant organizations. Preparation of summary reports and analysis of the gathered data, and contribution to the preparation of the two deliverables – Target market report and Regional market report with recommendation.
USAID - Regional Economic Development March – May 2014

Business process modeling and upgrade of ISMS in AB Soft

The goal of the project is implementation of integrated management system (IMS) in the company taking into consideration the standards ISO9001:2008 and ISO27001:2013.

Activities included:  Project management, documenting business process model, documenting a quality management system; comprehensive framework for IMS consisted of ISO9001 and ISO27001; internal audit training, migrating ISMS to the new ISO27001:2013 and preparing the company for certification by an independent certification body.
AB Soft October 2014 - May 2015
Maintenance of the Information Security Management system in the Municipality of Veles Activities included: assessment of the current situation, analyses of the non-conformities, defining corrective and preventive actions for dealing with the non-conformities, revision of risk assessment, training for risk assessment  and incident management procedure, conduct of internal audit of the ISMS. Municipality of Veles April 2014-ongoing
Implementation of Integrated Management System in e-Port

T&P was subcontractor for Native in design and implementation of comprehensive framework for Integrated Management System consisted of ITSM - ISO 20000 and BCMS based ISO 22301

Activities included: development of framework for Integrated management system, design and delivery of training for the project team, documentation of the system, internal audit, and assessment of the preparedness for certification of implemented Integrated management system.
e-Port April- December 2014
Implementation of Integrated management system for Orion telekom

Design and implementation of comprehensive framework for Integrated Management System consisted of QMS based on ISO 9001, ISMS based on ISO 27001, ITSM based on ISO 20000 and BCMS based ISO 22301:2012
Activities included:
- project management
- assessment of the readiness for establishment of integrated management system
- risk assessment
- business impact assessment
- development of framework for Integrated management system
- business process modeling, documentation of the system
- training for project team for documentation and implementation of the system
- internal audit, and
- assessment of the readiness for certification of implemented Integrated management system.

Orion Telekom, Serbia May2013-June 2014
Development of IT audit methodology for Opportunity Banka

The project objective was to develop an IT audit methodology and audit questionnaire in line with the existing risk-based internal audit.
Activities:
- assessment of the current state of organization and security control in the overall IT
- analysis of the current Internal audit framework and practices
- development of risk-based IT audit methodology
- development of IT audit checklists
- review of the Operational risk assessment
- coaching for IT audit
- awareness rising on IT governance.

Opportunity Banka, Serbia September 2013
Implementation of Information Security management system based on ISo270001 in Tunilab, Tunis

The project objective was to assist in Implementation of Information Security Management System.
Design and implementation of Information Security Management System based on ISO 27001
Activities included: assessment of the readiness for implementation of information security management system, risk assessment, documentation of the system, training for project team for documentation and implementation of the system, internal audit, and assessment of the preparedness for certification of implemented ISMS.

Small Enterprise Assistance Fund, USA (financier)

TuniLab, Tunis (beneficiary)
September - December 2013
Conducting Legal, Institutional, Business Process and ICT Assessment for Business Registration Reform in Kosovo

Subcontractor for Security and ICT staff assessment
Activities included: assessment of the ICT staff and organization, as well as current state of the IT system in terms of security assessment of the physical controls, application controls, anti-virus, access controls and network controls; Data assessment of how Databases are maintained and how Data is treated and protected, assessment of the  operational procedures and controls (including access controls, data integrity controls, audit logs, backup/restore procedures, and business continuity/ disaster recovery).

World Bank (financier) July - November 2013
Implementation of Information Security Management system based on ISO 27001 in the Central Registry of Macedonia

The goal of the project is implementation of ISMS based on ISO 27001 and preparation for certification.
Activities included:
• Assessment of the current situation in CRM in regards to the requirements of the standard ISO 27001
• Development of action plan for implementation
• Development of documentation for the ISMS
• Training of the CRM team:
     o Introduction to ISO 27001
     o Risk assessment
     o Internal audit of the implemented ISMS
• Support in internal auditing of the implemented ISMS and defining corrective / preventive actions

Central Registry of Macedonia August 2012 - May 2013

Technical assistance in support to the social welfare fund, republic of Yemen – phase III

Activities included:
• Review IT training, define training needs, and prepare IT Training program for 2013-2014,
• Support the development of a Help-Desk at the IT Department in the SWF Head Office, including the preparation of the terms of reference for the Help- Desk and the preparation of job descriptions,
• analyze the operations in the IT department and prepare and IT Department manual to cover both processes and main policies,
• Analyze  the  actual  situation  concerning  the  MIS  development and propose steps and approaches for further development

EU December 2012 - January2013
External control of personal data protection in Nextsense

The project objective was to review the adjustment of the personal data protection documentation of the company with the requirements of the law on personal data protection
Activities:
• Documentation review
• Personal data collection review
• conversation with the persons authorized for personal data processing
• Review of the technical and organizational measures

Nextsense December 2012
Development of a Security Policy Study on the FZOM's IT System The main goal of the project is to prepare the Health Insurance Fund of Macedonia for implementation of a system for IT security management.
Specific goals of the project “Development of a Security Policy Study on the FZOM’s IT system” are:
    - Analysis of the FZOM’s current state in the sense of information security
    - Defining of a strategy and action plan for implementing an Information Security Management System according to the ISO 27001:2005 standard

Project activities:
- Defining the scope of the Information Security Management System
- Preparing a report from the GAP analysis and assessment of the readiness for implementing of ISO 27001:2005
-  Analysis of the current methodology for risk management of FZOM
- Documenting a Methodology for risk management and appropriate forms
- Documenting an Action Plan for implementation of a Information Security Management System
- Documenting a Manual for Information Security Management
- Execution of a preparatory training for FZOM’s project team needed to introduce them with ISO 27001 and assessment of risks.
FZOM 2011 - 2012
MIO - IT Governance and IS Audit in MISA

Project activities:
- Audit and assessment of the adequacy of the organizational structure and responsibilities of Ministry of Information Society and Administration (MISA) in terms of managing ICT in the context of ISO 38500 IT Governance;
- Audit and assessment of practices and implemented controls for compliance with the requirements of ISO 27001 information security management system
- Identification of ICT areas that require MISA to pay attention in order to align them with best practices.

Ministry of Information Society and Administration 2011
Development of by-law for the Law on Valuation - Methodology for valuation of IT

Participation in team of experts engaged for the purpose of development of methodology for valuation of IT and appropriate training program for the future valuators.
Activities included:
- Analysis of the Law for valuation
- Analysis of the world best practices for valuation of IT
- Analysis of other methodologies for valuation in Macedonia
- Definition and description of IT assets
- Development of Methodology for valuation of IT
- Definition of training plan for IT valuators
- Public hearing for the methodology for valuation of IT
- Development of bylaw act for methodology for valuation of IT

USAID competitiveness Project in Macedonia / Carana 2011
Implementation of Integrated Management System in Alfa Digital

Design and implementation of comprehensive framework for Integrated Management System consisted of ISO 9001, ISO 27001, ISO 20000 and ISO 14001.
Project activities: Assessment of the readiness for establishment of integrated management system, development of framework for Integrated management system, business process modeling, documentation of the system, training for project team for documentation and implementation of the system, internal audit, and assessment of the preparedness for certification of implemented Integrated management system.

Alfa Digital 2011
Implementation of Integrated Management System in Xpro

Design and implementation of comprehensive framework for Integrated Management System consisted of ISO 9001, ISO 27001, ISO 20000 and ISO 14001.
Project activities: Assessment of the readiness for establishment of integrated management system, development of framework for Integrated management system, business process modeling, documentation of the system, training for project team for documentation and implementation of the system, internal audit, and assessment of the preparedness for certification of implemented Integrated management system.

Xpro 2011
Information Security Capacity Building in Srbia This project included the following activities:
• Analyze the leading global certifications in Information Security (IS)
• Research the current state of ISS in the selected countries of the CEE region and their strategies
• Develop questionnaire and criteria for assessment of local IS service providers (training centers, instructors and consulting firms)
• Conduct interviews with IS service providers pre-selected by the Project to assess their readiness and suitability+B3 for participation in the Program
• Prepare reports that will include key recommendations for: selection of IS service providers for participation in the Program, design of a support program for training and certification of IS professionals, support of marketing and communications activities related to promotion of the Program and raising general awareness about IS
• Conduct assessment of potential grant beneficiaries for ISO 27001 certification pre-selected by the Project  (assess their readiness to implement the standard, HR and financial capacity, management buy-in and other relevant criteria)
USAID Competitiveness Project Srbia/Booz-Allen & Hamilton 2010

CaSys - Establishment of IT Service Management System based on ISO20000:2005

Readiness assessment for implementation of ITSM based on ISO 20000:2005. Training of the project team, framework development, documentation of policies, plans, processes, procedures, records for IT service management, Service Improvement, Planning of new services, Service delivery, Resolution Management, Release Management, Control Management, Relationship Management.

CaSys

2009

Cacttus- Implementation of integrated management system inclusive of QMS based on ISO 9001:2008 and ISMS based on ISO 27001:2005

Readiness assessment  for implementation of integrated management system consisted of Quality management system based on ISO 9001:2008 and Information security management system based on ISO 27001:2005, development of IMS framework, documenting the system, training for the Cacttus' project team and appropriate documentation and implementation of the system, internal audit training and preparation for certification of the implemented IQISMS.

BAS Kosovo- Co-financer/Cacttus, Kosovo

2009

E- Cadastre - project review and evaluation

Consultancy services for E-Cadastre project: expert opinion on the scoping of the functionalities and implementation activities of the project; IT Project Management; IT contract Management, Analyzing work processes and modeling workflow information systems, recommendations. Project results:                  

  • Findings and recommendations- List of the scoping of functionalities
  • Expert opinion about  activities needed for successful implementation                                 

Swedesurvey AB

2009

Pre-assessment for preparation for implementation of ISMS based on ISO 27001 in Hi-Tech (Phase 1)

 "Business Case" and evaluation of readiness for implementation of information security management system in BPI Hi-Tech .

IFC/Hi-Tech

2007

Establishing ISMS based on ISO 27001:2005 in Hi-Tech (Phase 2)

Implementation of Information Security Management System according to ISO 27001. Readiness assessment for  implementation of Information Security Management System according to ISO 27001,  framework development, system documentation, Hi-tech project team training for standard' general requirements, training for internal assessors of ISMS, readiness assessment for certification for the system.

IFC / Hi-Teach

2007 - 2008

Establishment of ISMS and ITSM in AML -  Development capacity - supplies against money laundering - Lot 1

Establishment of IT Service Management System based on ITIL and aspects of ISO20000:2005, and Information Security Management System based on ISO27001:2005. The goal of this project is to establish support to the development and consolidation of a functional and effective anti-money laundering system, through application of critical technology infrastructure components that give the Agency a long term capability to expedite implementation of anti money laundering legislation and enforcement.
 
The part of the project realized by T&P included:
- Support to the Project Manager with Project Administration
- Preparation of Information Security and IT Management System Manual.

ЕАR / Ministry of finance

2006 - 2007

Review and upgrade of the established ISMS and ITSM in AML 2008

Upgrade of results from AML project trough assessment of the established security controls, assessment of compliance with Macedonian legislative, revision of the existing documentation (manual, policies and procedures) and training for the IT' employees management system and introduction to the system for all employees.

Directorate for Prevention Money Laundering and Terrorism Financing

2008

Establishing ITSM in Kosovo Juridical Council (CMIS)

Establishment of IT Service Management System based on ITIL and aspects of ISO20000:2005. Development of IS strategy for KJC in Kosovo aiming to finalize the integration of the CMIS - Case management IS. Trajkovski Ljubomir was the project manager.

UMNIK/EAR Kosovo

2006 - 2007

Establishment of ITSM in Ministry of Finance (DIS)

Establishment of IT Service Management System based on ITIL and aspects of ISO20000:2005. The project was focused towards building the capacities of the Ministry of Finance - CFCU & NF; T&P was responsible for defining working model supported with ICT and preparation of ICT policies and procedures based on ITIL and ISO 20000.

EAR / Ministry of finance

2006

Establishment of ISMS based on ISO 27001 in Marnet

Awareness raising, preparation of basic documentation for information security management system based on ISO 27001:2005 in MARNET

USAID / UKIM

2006

Establishment of ISMS in Teteks Credit Bank

Design, documentation  and implemenatation of security information system based on ISO 27001:2005 in TKB. Awareness raising, risk assessment and preparation of the ISMS documentation (manual, policies, procedures and records templates)..

Teteks Credit Bank

2006

Establishment of in ISMS Inet

Preparation of “IT Mark“ declaration for information security  level 1 and 2 in Inet

APPRM / Inet

2006

e-GOV  security aspects 

Organization of information security in E-Gov projects, with proposal of basic functions and activities related with security.

USAID project  е-GOV

2006

“Information Security Initiative” - Metamorfozis

Project “Information Security Initiative”  - Ljubomir Trajkovski is engaged as information security expert.

Metamorfozis

2007

Feasibility study for implementation of ISO standards in Zito Vardar

Consortium Challenge realized feasibility study for implementing ISO Standards and standards for food safety in Zito Vardar.
T&P realized the ISO 9000 segment and provided project management assistance.

Zito Vardar

2005

Business Process Reengineering - ENC and implementation of QMS based on ISO 9001

Business Process Reengineering through defining optimized business process model of MBS and preparation for implementation of Quality management System based on ISO 9001. Documentation of policies and procedures according to ISO 9001 standard.

Euro Netcom

2005

Business process reengineering - MBS and implementation of QMS based on ISO 9001

Business Process Reengineering through Defining optimized business process model of MBS and preparation for implementation of Quality management System based on ISO 9001. Documentation of policies and procedures according to ISO 9001 standard.

MBS

2004

Study for development of Science Institutes in Croatia

The BPR - GLOCKOM' team has made an analysis of the Science Institutes' work in R.Croatia  with reengineering of the working processes and proposal for new model of organization for Ruger Boskovic–Zagreb and  Brodarski Institute–Split trough:  - analysis of the current situation in the science institutes;  
-comparison with successful world experiences;           
-defining a process model;                                              
-plan for implementation of the new organizational model
-recommendations for current improvement of the work                         

World Bank and Ministry of science in R. Croatia

2004 - 2005

SWEB

Increasing the efficiency of public services by using mobile technologies focusing on the security of the transactions. T&P is a technological partner of City of Skopje and partner in consortium.

EC FP6/Skopje

2006 -2008

ELSA Conference - Information Security Training

On the conference " Legal challenges in cyber environment" organized by the student organization ELSA, T&P Consulting  organized short trainings for information security on theme:

  • Defining and explaining the meaning of  the notion information and basic types of information
  • Security and internet security
  • Most common treats of information security
  • System for information security
  • Standards and recommendations for information security on internet

ELSA

2008

BSI Training for work continuity and information security management

Training for work continuity and information security management systems, organized by BSI on the event „BSI Communication“ in Novi Sad.

BSI

2007

Strategic workshop for ISMS in Macedonian Bank

Strategic workshop for introducing the management team with business continuity plan and information security.

Macedonian Bank

2006

BSI 7799 training

Organization and realization of BSI 7799 basic training and training for auditors.

Participants from ICT centers and civil service

2005

MASIT-  Introduction to ICT services management system

MASIT - organization of IT firms, organized a session on which T&P Consulting presented the IT service management concept. Theme: „Is “ISO/IEC  20000 IT Service Management System”  applicable in our 'firms"

MASIT

2009

МT Service Level Agreement Training (SLA)

Training for the MT management team with aim to increase the awareness of the need for using contracts for defining the level of service quality offered.

Macedonian Communication

2002

PIOM IT Strategy

Evaluation of IT current infrastructure, comparison with progressive world systems for pension funds' support.  IT Strategic Plan was proposed as a support of the current Strategic plan for PIOM' reform.

World Bank / Government of Republic of Macedonia

2003

Development of training modules for civil servants – Managing for Quality

The project funded by DFID was aimed at developing, organizing and delivering a training program for middle level managers in the public administration. The entire program was split into logical modules covering a specific topic. Trajkovski & Partners got the module for Managing for Quality. The delivery of the training modules was done over a period of 6-9 months, module after module. 

DIFID   / Agency of civil servants

2003-2004

Concept and strategy of strategically integrated information system of Ministry of labor and social policy

Define strategy for modernization and action plan for first year ICT projects.
Analyses of the current processes, BPR of the business processes, IT concept with functions and data and plan for implementation of priority projects.
Realization of information system for Market Inspection focusing on electronic document management system.

Ministry of labor and social policy / Market Inspection

1997

Prepaparation of National Project Management Methodology for developing Informational Systems and providing quality system

 The methodology is recommended for realization of IT projects financed by the budget of R.Macedonia. It describes life cycle in realization of the IT project by phases and segments, it defines activities and results, it gives documentation pattern, it defines project control book and has a special part for project organization and managing quality. The methodology was based on PMI Institute methodology.

Ministry of science, all government and state institutions

1996



Copyright © Trajkovski & Partners Management Consulting | Privacy policy