Complementary & Specialist Services
Compliance Officer as a Service across four tiers, Third-Party Risk Management under DORA/NIS2, ad-hoc audits, gap analysis, policy drafting, mock inspections, bespoke training. A catalogue of complementary services designed to configure programmes tailored to the operational reality of each client.
Compliance Officer as a Service — Four Tiers
Starter
SMEs & edge
- NIS2, EED & GDPR
- Quarterly reports
- Reactive incident handling
- Annual training
- Digital compliance platform
Growth
Mid-market (1-10 MW)
- Full-stack regulatory coverage
- Quarterly on-site presence
- Monthly reports
- Proactive incident handling
- Policy drafting included
Enterprise
Hyperscale
- All Growth items plus
- Dedicated compliance officer
- Monthly on-site presence
- Custom platform
- Board reporting
- Contractual SLA
Public
Portuguese Public Administration
- CCP-aligned retainer
- DL 125/2025 & public-sector GDPR
- PNCD alignment
- CNCS/ARTE interface
- Continuous training
Line D · Third-Party Risk Management (DORA / NIS2)
Structured assessment of data centers from the perspective of regulated clients. Banks, insurers, hospitals, utilities and public entities subject to NIS2 or DORA must monitor and assess critical ICT providers. DORA has designated 19 globally critical ICT third-party providers (including AWS, Microsoft Azure, Google Cloud, IBM and Bloomberg) for direct supervision.
Vendor Audit
Full assessment of the data center as a critical ICT provider: controls matrix, stakeholder interviews, contract clause drafting.
EUR 8,000 – 40,000 per audit
Continuous Monitoring
Monthly retainer for continuous vendor monitoring, annual reviews, incident follow-up, regulatory clause refresh.
On request
Ad-hoc & specialist services
Initial Diagnostic
Snapshot assessment of compliance posture against the applicable regulatory framework, with prioritised gap list and remediation plan.
EUR 3,000 – 5,000
Extraordinary Audit
Ad-hoc audit triggered by incidents, material changes in operating conditions, or preparation for regulatory inspection.
EUR 5,000 – 10,000
Policies & Procedures
Drafting of internal policies (cyber, continuity, incident response, data governance, AI) tailored to the operator's reality.
EUR 10,000 – 30,000
Enforcement Simulation
Simulation of NIS2 (CNCS), DORA or AI Act inspections, assessing documentation, procedures and organisational response capability.
EUR 8,000 – 20,000
Internal Workshops
Tailored internal training, with case studies specific to the organisation and scenario rehearsals.
EUR 1,500 – 2,500 per session
Incident Management
Support for incident handling and regulatory notification to CNCS and other authorities, within statutory deadlines.
On request
Tailored programmes for your operation
Services can be contracted individually. Integrated CoaaS programmes offer the best value and strongest defensibility.