Reichenburg, Schwyz, Switzerland
Technology risk has moved to the top of the agenda, and most boards don't have someone who can read it. That is the gap I fill. I'm a board and C-level advisor on cyber security, AI governance and EU regulatory readiness, and the founder of rameus solutions ag, a Swiss technology consultancy built on scaled precision technology. I help boards, executive teams and founders make confident decisions on the EU AI Act, the Cyber Resilience Act (CRA), NIS2 and DORA, and on the management systems beneath them: principally ISO 27001 for information security and ISO 42001 for AI governance. What makes my perspective unusual is that I work both sides of the table. Each year I conduct around 70 audits and engage at C-level with up to 90 organisations, so I see how security, AI and quality are really managed across industries rather than in theory. I have held board, advisory and foundation board mandates since 2017 across Switzerland, Europe and the US. Where I focus: • Information security and cyber: ISO 27001/27701, TISAX, and EU cyber regulation (NIS2, CRA, DORA, EASA Part-IS), plus interim CISO and board oversight. • AI governance: ISO 42001 and EU AI Act readiness, from strategy to working controls. • Medical devices and SaMD: ISO 13485, MDR/IVDR and software validation. I contributed to bringing two in-vitro diagnostic instruments to market, and my colleague Lars Brunner leads our medical and pharma work. Background: freelance since 2013, with around 40 projects and some 30 management systems implemented. I am a certified auditor (ISO 27001, 22301, 9001, 14001 and ISO 13485) with a Harvard credential in cyber risk management. I work in English, German and French, internationally across Europe, Asia, Africa and North America. If your board or leadership team needs technology, security and regulation translated into decisions you can own and implemented properly, let's talk.
Independent Board Member with extensive expertise in strategic leadership, information security, cyber strategy, business continuity, risk assessment, mitigation and treatment, and technology leadership. Advises organisations on building resilience, enhancing governance, and securing long-term strategic positioning in an increasingly complex and interconnected risk environment. Acts as a trusted sparring partner for C-level executives, challenging and refining strategic thinking to ensure robust decision-making and alignment between operational realities and corporate vision. Possesses proven experience in strategy development and general management, collaborating with leaders across SMEs, multinational corporations, and non-profit/charity organisations in multiple industries throughout Europe and North America. Adept at translating complex technical, operational, and market considerations into clear, actionable strategies that balance innovation, growth, and risk control while driving sustainable competitive advantage. Holds key industry knowledge in technology, IT security, medical devices, and real estate investment and management, enabling targeted governance and strategic oversight across diverse markets. Recognised for bridging the gap between technological capability and business priorities, fostering cross-functional collaboration at the highest levels. Demonstrates a strong record of delivering operational stability, governance excellence, and successful digital transformation in dynamic and regulated environments. Multilingual in German, English, Spanish, French, and Swiss German, with a professional footprint extending to Southern Africa, enabling effective engagement, representation, and influence across cultures and geographies. Respected as an independent and insightful board presence, contributing strategic foresight, operational oversight, and pragmatic solutions that deliver measurable, long-term impact.
As an independent Management System Specialist, I conduct audits for auditing companies in the norms ISO 9001, ISO 13485, ISO 14001 and ISO 27001 (ISMS). These audits ensure adherence to the QMS standards of the respective ISO norms. ISO 13485: Audits for Medical Devices focus mostly on supply chain, the medical device file, product design and development, training records and cleanliness of the work area. ISO 27001 (ISMS): In Information Security Audits, the focus is on the defined information security assets of an organisation. Combined with the controls of ISO 27001 Annex A, an information security management system (ISMS) has a solid base. All audits are risk based, meaning the highest risk work areas and processes will be audited in more depth and detail. Within ISO 13485 (Medical Devices) the risks are mainly in the design and development or the supply chain sections. In ISO 27001 (Information Security) these risks range from physical access control to password policies.
Management of various types of assets. Investments focus on real estate and physical value, securities and startup financing.
As an independent Enabler and Facilitator, I support the introduction of new Management Methods or assess the ones which already exist. The goal of any Management Technique or System is to be aligned with the client’s vision, mission, strategy and goals. Medical Device Industry: Within the Medical Device industry, the Management Method requirements are particularly strict. By applying the experience gained over the years, successful Management Systems for market access around the world are at your fingertips. Information Security Management: The Security of Information is one of my key strengths. By implementing a streamlined Information Management System which follows the existing company values and goals, the ideal result of both worlds can be achieved. Business Continuity Management: Business Continuity incidents can happen to any business at any time. Thanks to a risk-based Management approach, I can help you leverage this into a successful Business Continuity strategy. Impacts on all aspects of a business are assessed, rated and treated according to their priorities. This is how an organisation survives challenging and uncertain times.
My key strength is to support organisations in unleashing their full potential. As moderator and facilitator, I support organisations in redefining their vision, mission and strategy down to their goals in the daily business.
- Elicitation and digitalisation of process landscape - Structured qualitative and quantitative process interviews - Analysis and improvement of existing KPIs in processes - Support in Business Process Modelling (BPM) methodology - Assessment of service maturity with regards to Business Process Management (BPM) - Transformation of process documentation - Root cause analysis to improve quality and efficiency of process outputs Results: - Comprehensive service process landscape of services provided - Layered process landscape streamlined with Business Process Management (BPM) Trained in: - BPMN 2.0 for service processes - Process Modelling for Diagnostic and Life Science processes in BPMN 2.0 - Continuous Improvement within Life Science Quality Management Systems Methods: Business Process Modelling (BPM), BPMN 2.0,SIPOC, RACIS, Process Interviews, Process simulation, KPI analysis, Process Benchmarking, Continuous Improvement
As part of a project management team, it is our responsibility to deliver a new coagulation medical device. With regards to this coagulation medical device my role included: - Project Manager for diagnostics instruments development (HW/SW/V&V/Operations) - Quality Auditor for regulatory relevant documents - Project Management aligned with regulatory demands (ISO 13485), ready for audit by respective bodies (FDA, MHRA, Health Canada, Swissmedic, CE) - Ensure adherence to Good Manufacturing Practice (GMP) throughout the supply chain - Author of regulatory relevant documents for the diagnostic coagulation instrument according to regulatory standards (FDA, MHRA, NIHS Japan, swissmedic, CE, ISO 13485) - Multi project management within the team: Having the whole instrument planning aligned and updated to be up to reporting guidelines This role involved the following trainings: - Compliance of Diagnostic processes with regulatory bodies (FDA, swissmedic, CE, ISO 13485) - Document management compliant with regulatory standards (FDA, MHRA, NIHS Japan, swissmedic, CE, ISO 13485) - Good Manufacturing Practice (GMP), ISO 13485 - SAP Document Management - SAP Workflow setup/maintenance - Diagnostics (Coagulation) instrument Product Development Process - Diagnostics (Coagulation) instrument Risk and Incident Management - Diagnostics (Coagulation) instrument Configuration Management - Multi project management for international Diagnostics/Lifescience instrument program - Laboratory safety (Biosafety, biosecurity, hygiene, environmental security) Lab classification BSL 1 and BSL 2 (WHO Classification) Achievements: - Successful development of various stages of pilot coagulation instruments as preparation for final milestones - CE and FDA audit readiness - Budget within 2% of target, Scope fully reached within timeline
In my role as Project Manager in Prince2, Scrum, PMP and ITIL environments I was responsible for the setup of a near- and offshoring project team, as well as the whole software delivery lifecycle (SDLC) to deliver .NET and Java applications. Key skills for these positions were risk management, stakeholder management and budget management. My role involved: - Project Management/Scrum Product Owner and in regulated environment with Prince2, Scrum and PMP frameworks - Project Management/Scrum enabling of globally distributed project teams - Project Manager/Scrum Product Owner in .NET and Java development teams - Management of complete Software development lifecycles (SDLC) according to PMP and DSDM - PMP, Prince2, Scrum and ITIL compliant project management - Expert in stakeholder management, scope management - Cost management, Scope management, Project planning, Risk management - Multi Project Management and Project controlling in compliance with PMP - Workshop moderation to facilitate scope management - Consulting, coaching and enabling of clients in methodology and models During my employment I was involved in the following projects: - Project Manager Scrum enabler (near-/offshore), SDLC Leader .NET and Java applications - Project Manager infrastructure and IT projects (PMP, Prince2, Scrum) - Change Management process introduction Industries: Banking, Insurance, Investment Banking, Medical Engineering, Medical devices, Pharmaceuticals, Administration, Education, Hospitals, Care Services, Public Services, Automotive, Production, NHS, Telecom Skill snapshot: Project Manager, Scrum Product Owner, Scrum Master, Scrum Enabler, Agile Coaching, Project Planning, Scope Management, Change Management, Budget Management, Stakeholder Management, Time Management, Configuration Management, Risk Management, Workshop Moderation, Prince2, Scrum, ITIL, PMP, V-Modell, BPMN, TFS, JIRA, Confluence, Greenhopper, SharePoint, Jira, HP Quality-Center, SAP, Basel II, Basel III
As part of a medical device development team, I am responsible for the Release and Configuration Management for hardware items and act as deputy on the software- and instrument-level. With regards to the diagnostic coagulation medical device, my role includes: - Configuration Management for diagnostic coagulation instrument - Hardware and instrument (deputy) - Base lining of rolled out diagnostic coagulation instruments - Coordination of updates for all the diagnostic medical device - Release Manager for diagnostic coagulation instrument parts - Supply Chain verification as part of Release and Configuration Management for diagnostic medical device - Author of regulatory relevant documents for the diagnostic coagulation instrument according to regulatory standards (FDA, MHRA, NIHS Japan, swissmedic, CE, ISO 13485) - Overlook configuration changes and ensure compliance with GMP, ISO 13485 - Review and improvement of the medical device related supply chain questions (qualification of criticality for hardware parts for the diagnostic coagulation instrument) This role involved the following trainings: - Compliance of Diagnostic processes with regulatory bodies (FDA, swissmedic, CE, ISO 13485) - Document management compliant with regulatory standards (FDA, MHRA, NIHS Japan, swissmedic, CE, ISO 13485) - Good Manufacturing Practice (GMP), ISO 13485 - SAP Material Management - SAP Document Management - SAP Workflow setup/maintenance - Diagnostics (Coagulation) instrument Product Development Process - Diagnostics (Coagulation) instrument Risk and Incident Management, - Diagnostics (Coagulation) instrument Configuration Management - Multi project management for international Diagnostics/Lifescience instrument program - SAP Business Warehouse Reporting System - Global Diagnostics/Lifescience instrument Project Controlling - Laboratory safety (Biosafety, biosecurity, hygiene, environmental security) Lab classification BSL 1 and BSL 2 (WHO Classification)