IT team shifts from firefighting to delivery. More projects shipped per quarter without added staff.
🏭
−40%
Unplanned downtime
Production lines lose less time to IT incidents. Direct revenue impact for a manufacturer.
🤝
Tier-1 ready
Customer trust
Meets the security questionnaires of large customers and OEMs — unlocks enterprise contracts.
🛡️
−25%
Insurance premium
Once EDR, MFA and immutable backup are in place, cyber insurer offers improved terms.
| Source | Year 1 | Year 2 | Steady state |
| --- | --- | --- | --- |
| IT staff hours freed (automation) | DKK 120k | DKK 240k | DKK 280k |
| HR / onboarding hours freed | DKK 40k | DKK 60k | DKK 60k |
| Cloud cost optimization | DKK 60k | DKK 90k | DKK 90k |
| License consolidation | DKK 30k | DKK 50k | DKK 50k |
| Reduced support tickets | DKK 20k | DKK 45k | DKK 60k |
| Insurance premium reduction | — | DKK 80k | DKK 100k |
| Total recurring benefit | DKK 270k | DKK 565k | DKK 640k |
Hard savings only. Excludes avoided incident cost, productivity gains, and brand value.
Cash Flow View
When the money actually leaves the account — quarterly bars over 24 months.
Q3 26 220k
Q4 26 160k
Q1 27 270k
Q2 27 240k
Q3 27 180k
Q4 27 160k
Q1 28 130k
Q2 28 120k
Plus DKK 27k / month recurring service fees from Q4 2026 onwards.
🛡️
Cyber Insurance Posture
Where you stand with the insurer today vs. after Option B.
Today
Does not qualify
DKK 240k / year
Missing EDR/XDR
MFA not enforced
Backup not immutable
Asset register exists
→
After Option B
Qualifies · preferred tier
DKK 180k / year
EDR/XDR rolled out
MFA enforced everywhere
Immutable, offsite backup
Documented incident response
Direct premium saving: DKK 60k / year · plus broader coverage and lower deductible.
👥
Internal IT Effort
Time your own team needs to commit during delivery.
Stage 1 (mo 0-6): ~32 hrs/mo
Stage 2 (mo 6-12): ~22 hrs/mo
Stage 3 (mo 12-24): ~12 hrs/mo
Steady state: ~7 hrs/mo
Roughly 0.2 FTE peak load, dropping to background overhead. ITM8 carries the rest.
What Changes for Each Stakeholder
👷 Employees
Single sign-on, one password
Onboarding from 2 days to 2 hours
Fewer "IT is down" disruptions
🤝 Customers & OEMs
Pass tier-1 supplier audits
Faster response to security questionnaires
Stronger SLA reliability
📜 Auditors & Insurers
NIS2 evidence ready on demand
Insurance terms improve, premium drops
Board accountability documented
Sponsor: M. Sørensen, CIO (demo persona)
Owner: IT Operations Lead
Approver: Board of Directors
Delivery partner: ITM8
Informed: CFO, HR, Production Mgr.
AI & Automation Opportunity
Defence is necessary — but here is what playing offence looks like.
3.1 / 5
AI Readiness
📑
Copilot for Finance & Reporting
Automate monthly close commentary, variance explanations and board-pack drafting. Saves ~40 hrs/month.
Ship in 60 days
📨
Automated invoice intake
AI extracts and books supplier invoices into SAP S/4HANA. Cuts manual entry by ~70%.
Ship in 90 days
🔍
Production data anomaly detection
Surface unusual machine readings before they become downtime. Pilot on one line first.
Pilot in 6 months
Board KPIs — Tracked Quarterly
What you'll see in every board pack from now on. Sets accountability post-decision.
Maturity score: 2.5 → 4.0 · Target Q4 2027
Critical risks open: 5 → 0 · Target Q2 2027
Compliance readiness: 45% → 95% · Target Q4 2026
Mean time to detect: — → <24h · From SOC go-live
Patched within SLA: 62% → 98% · Target Q1 2027
Insurance qualifies: No → Yes · By renewal Q3 2026
Extended Insights
Ten additional dimensions the report tracks. Cards marked conditional appear only when relevant for the customer — shown here for demo purposes.
💰
IT Spend vs. Industry
You: 2.3%
Industry: 2.8%
Top quartile: 3.4%
Underspending vs. peers — limits transformation capacity.
📊
M365 Adoption
auto-scan
Teams: 62%
SharePoint: 41%
OneDrive: 55%
Copilot-ready: 28%
600 paid licenses — ~40% of value not realized.
🎧
Service Desk / ITSM
2.1/5
Maturity
No formal ticketing — first-call resolution and SLA blind spot.
🏗️
Project Delivery Capability
55%
On-time, last 4 projects
Risk that approved recommendations slip in delivery.
🌐
Customer-Facing Digital
2.4/5
B2B portal · no self-service order
Links IT directly to revenue and customer experience.
🌱
CSRD / ESG Reporting
conditional
In scope
From FY2027 · no data pipeline
Hidden when customer is below CSRD thresholds.
🛂
Digital Sovereignty
conditional
EU residency: OK
Vendor diversity: Low
Exit-ability: Hard
Single-vendor MS lock-in — geopolitical exposure.
🤝
M&A / Scaling Readiness
conditional
No
<90 day integration possible?
Identity, ERP and network would block. Hidden if no growth plan.
⚙️
Quantified Technical Debt
DKK 2.4M
Across 6 systems
Top item: legacy AD on Server 2016 — replace by 2027.
⏱️
IT Operational Reliability
Uptime (12 mo): 99.4%
SLA met: 88%
Patched in SLA: 62%
The "does it just work?" KPI — the bread & butter boards quietly assume.
🏢
Physical & Facility Resilience
UPS / battery: OK
Cooling redund.: N+0
Fire suppression: FM-200
Cabling docs: Partial
Power, cooling, fire and physical access — the part of IT nobody mentions until it fails.
🤝
Vendor & Partner Management
42 vendors
5 critical · 3 missing SLA
Top 5 carry 80% of operational risk. NIS2 requires supplier risk reviews.
🧠
Security Culture
Phishing click: 18%
Industry avg.: 8%
Training done: 12%
Most effective prevention — investments not yet changing behavior.
Clear Wins — Free or Almost Free
These can start next week with what you already pay for.
⚡
Turn on MFA for everyone
Already in your Microsoft 365 license. Blocks 99.9% of identity attacks. Less than one week to roll out.
DKK 0 extra
🛡️
Microsoft Secure Score actions
12 recommendations from Microsoft can be enabled immediately, no new licenses needed.
DKK 0 extra
🌐
Network segmentation
Use existing switches to separate office, production and guest networks. Stops malware spread.
Existing gear
Details by Area
1.8
🛡️ Security & Resilience
Detection, response, backup and disaster recovery
Critical
In plain words: If something attacks the company today, you would likely not see it in time, and your backups may not be safe enough to recover from. This is the single biggest exposure on the report.
What's wrong
No 24/7 monitoring — threats can sit unnoticed for weeks
Backups are not immutable or properly offsite
Incident response plan exists only on paper
No regular vulnerability scanning
What we recommend
Roll out EDR/XDR endpoint protection
Move backup to immutable, offsite copy
Subscribe to managed SOC service
Run a tabletop incident-response drill
Investment: DKK 410k · Effort: ~180 hrs · New score: 3 → 4.0
Also covered in the full assessment: DR drill cadence · backup restore validation (not just existence) · certificate & PKI inventory · SOC tooling stack · tabletop exercise frequency
2.2
📋 Governance, Risk & Compliance
NIS2, GDPR, policies, vendor risk, insurance
Attention
In plain words: NIS2 enforcement reaches your sector this year. Without basic governance documents and a named accountable owner, the company — and the board personally — carry liability.
What's wrong
No formal NIS2 readiness assessment
IT policies outdated or missing
Cyber insurance requirements not met
No vendor / supply-chain risk register
What we recommend
NIS2 compliance program (12-month plan)
Refresh and approve core IT policies
Map and close insurance requirement gaps
Implement vendor risk reviews
Investment: DKK 220k · Effort: ~140 hrs · New score: → 3.6
Also covered in the full assessment: Written IT strategy & board approval cadence · vendor & partner SLAs · supplier security assessments · segregation of duties · audit trail integrity
2.4
🔐 Identity & Access
Who can log in, how, and to what
Attention
In plain words: Logins are the front door of the business. A few well-known fixes here would block almost every common attack — and most of them are free.
What's wrong
MFA not enforced for all administrators
12 stale accounts of former employees still active
Joiner / mover / leaver process is manual
No conditional access rules
What we recommend
Enforce MFA on every account (free)
Automate user lifecycle via Entra ID Governance
Roll out conditional access policies
Quarterly access review
Investment: DKK 90k · Effort: ~70 hrs · New score: → 3.7
Also covered in the full assessment: Service account governance · PAM tooling · certificate-based auth · B2B / guest lifecycle · emergency break-glass accounts
2.4
🤖 Digital Readiness & AI
Automation, AI, innovation capacity
Developing
In plain words: The company is well placed to benefit from automation and AI but currently runs many tasks manually. Easy wins are available once the security base is in place.
What's wrong
No structured automation backlog
AI use is ad-hoc, no governance
Reporting is spreadsheet-based
What we recommend
Identify top 5 automation candidates
Adopt Microsoft Copilot with guardrails
Power BI for board KPI reporting
Investment: DKK 160k · Effort: ~110 hrs · New score: → 3.5
Also covered in the full assessment: IT staffing maturity & training budget · service desk / ITSM maturity · knowledge management · tribal knowledge bus-factor
2.6
☁️ Cloud & Infrastructure
Azure, networks, hybrid setup
Developing
In plain words: The hybrid setup works but lacks structure. With small architectural decisions you would cut cloud costs and improve resilience.
What's wrong
No cloud cost monitoring
Flat network — no segmentation
Full-tunnel VPN, no Zero Trust access
What we recommend
Network segmentation (existing equipment)
Azure landing zone & cost governance
Replace VPN with ZTNA
Investment: DKK 280k · Effort: ~190 hrs · New score: → 3.8
Also covered in the full assessment: Physical facility security · power & cooling redundancy (UPS, fire suppression) · network cabling documentation · telephony & Teams Voice · hardware lifecycle & EOL planning
2.8
💻 Endpoint & Workplace
Devices, patching, mobile, employee experience
Developing
In plain words: Devices are functional but unprotected at the modern level. Adding endpoint protection and automated patching closes the most exploited attack route.
What's wrong
No EDR/XDR — only legacy antivirus
Patching is mostly manual
Asset inventory incomplete
What we recommend
Defender for Endpoint Plan 2 across the fleet
Automated patch & compliance via Intune
Single source of truth for assets
Investment: DKK 220k · Effort: ~150 hrs · New score: → 3.9
Also covered in the full assessment: Print management & secure scan · mobile device management depth · macOS / Linux fleet coverage · asset register completeness · decommissioning process
3.2
📊 Data & Applications
ERP, CRM, SaaS, files, databases
Healthy
In plain words: Your business applications are in good shape. The remaining work is mostly housekeeping — data classification and SaaS oversight.
What's wrong
No data classification scheme
SaaS apps purchased without IT oversight
Some certificates near expiry
What we recommend
Introduce simple 4-tier data classification
SaaS register and approval flow
Centralized certificate management
Investment: DKK 130k · Effort: ~90 hrs · New score: → 4.1
Also covered in the full assessment: Application portfolio rationalization · database backup & restore testing · SaaS shadow-IT register · data classification scheme · certificate expiry monitoring
Board Decision
Pick one path. The recommended option is the safest balance of cost, risk and timing.
Option A — Defer
DKK 0
No action this year
Carries DKK 4–8M ransomware exposure
NIS2 non-compliance from Oct 2026
Personal liability for board members
No improvement in score
Option B — Phased Plan
DKK 1.48M
Over 24 months
Stops the bleeding in 6 months
Score 2.5 → 4.0 in 24 months
NIS2 compliant by Oct 2026
3–5× ROI vs. one major incident
Option C — Accelerated
DKK 1.95M
All within 12 months
All gaps closed within one year
Higher peak load on IT and consultants
Score 2.5 → 4.2 in 12 months
Best fit if M&A or audit pending
Need the full detail?
Scan for the complete technical report
All 7 domains, 40+ sub-areas, raw findings, recommendations and evidence — for IT, audit and insurance reviewers.
insight.itm8.com/report/INS-2026-0042
Decision needed by 30 April 2026 · Stage 1 must start before summer to meet NIS2 timeline.
Sponsor: CTO · Approver: Board
📌 Assumptions & dependencies
Existing Microsoft 365 E3 licensing remains in place
No major M&A or headcount change in next 18 months
Production downtime windows available monthly
ITM8 acts as delivery partner; internal IT retains ownership
Currency stable; prices in DKK exclude VAT
🚫 Decisions not on the table today
ERP replacement (SAP S/4HANA stays)
Office or plant consolidation
Outsourcing the IT department
Custom AI development beyond Copilot
🎯 Confidence in numbers
High — one-time investment, license costs, NIS2 timeline
Medium — annual savings, FTE hours freed, ROI multiple
Lower — incident exposure (industry averages, not company-specific)
📖 Glossary
MFA — Multi-factor authentication. A second proof of identity beyond a password.
EDR / XDR — Modern endpoint protection that detects and contains attacks automatically.
SOC — Security Operations Centre. 24/7 monitoring of security events.
ZTNA — Zero Trust Network Access. Modern replacement for traditional VPN.
NIS2 — EU directive on cyber security for critical & manufacturing sectors.
Immutable backup — A backup that cannot be altered or deleted, even by an attacker.