We set up a practical, lightweight security program for SMEs. It follows ISO/IEC 27001 for an information-security management system (ISMS) and uses ISO/IEC 27005 to run the risk process. Results are shown in the NIST Cybersecurity Framework 2.0 view so leaders can see posture across the six functions: Govern, Identify, Protect, Detect, Respond, Recover.
When helpful, we bring research-grade tools into operations - e.g., open-source risk modelling such as Spyderisk - to quantify current and future risk and to prioritise treatment with a clear rationale.
We deliver complex, data-intensive software by combining applied maths/statistics with solid engineering. Our role is hands-on: we assemble cost-effective professional teams, lead delivery (project/program), and keep solutions aligned to business goals through frequent validation.
When clients use ERP/CRM, we augment their stack (not replace it) with practical GenAI add-ons—assistants with citations, document intelligence in workflows, policy-as-code checks, and change-impact analytics. AI features remain explainable and auditable under ISO/IEC 42001 and the NIST AI RMF.
To make delivery repeatable, we use industry tooling only where it adds value: SBOMs (CycloneDX/SPDX) for supply-chain visibility, optional OSCAL evidence for audits, and policy engines (OPA in CI/services; Kyverno for Kubernetes admission) to keep environments consistent.
We use Gen-AI where it is useful and defensible: to speed up research, reduce routine work, and keep decisions traceable. Our team blends applied maths/ML with domain context and documents every AI step for audit and handover.
Patents. Gen-AI–assisted prior-art search and technical-effect mapping aligned with EPO practice on computer-implemented and AI inventions (focus on “further technical effect”/technical contribution). We collaborate with selected patent counsel to shape protectable claims.
Music & media. Simple tooling that streamlines rights clearance (sync/master/publishing) so usage is licensed rather than risky, with an audit trail by default.
Enterprise/ERP. Agentic Gen-AI helpers and workflow automations that respect regulatory constraints and remain explainable and auditable under ISO/IEC 42001 and the NIST AI RMF. Where needed, evidence can be exported via OSCAL and SBOM standards for supplier assurance.
We help organisations turn questions into clear, defensible answers using modern statistics and data analysis. Our focus is on careful study design, correct methods, and transparent reporting, so that decisions based on data are both practical and trustworthy.
Every good analysis starts with a well-posed question. We work with you to:
A powerful analysis depends on good data. We support you with:
Depending on the problem, we combine classical statistical techniques with modern methods for large and complex datasets, such as:
The goal is not “AI for its own sake”, but choosing the simplest method that answers the question well, and explaining clearly how it works and what its limitations are.
We place strong emphasis on readable, reproducible results. This includes:
We have experience with both theoretical and applied statistical problems in areas such as:
In all of these fields, our role is the same: to build a bridge between the domain experts and the mathematics behind the data, so that decisions are based on solid evidence rather than intuition alone.
Whether you need help designing a new study, rescuing a difficult dataset, or validating an existing analysis, we offer pragmatic, mathematically sound support tailored to your project and budget.
Client. Wideresearch GmbH — German active-sourcing / executive-research agency.
What we built. A respectful automation pipeline that simulates human navigation to collect candidate signals from professional networks and normalises them into the client database for faster screening. Added statistical analysis across large, mixed-format datasets.
How we ran it. Light governance (ISO/IEC 42001; NIST AI RMF), supply-chain evidence via SBOMs (CycloneDX/SPDX), optional OSCAL bundles for audits; policy-as-code in CI (OPA) and at deploy (Kyverno). For de-duplication, optional pgvector similarity inside PostgreSQL.
Client. LEGION Services GmbH — security services for events and offices.
What we delivered. Corporate website and ongoing managed IT: hardening, monitoring, and controlled change.
How we ran it. Policy-first ops with Kyverno (cluster admission) and OPA (CI checks) to enforce baselines and prevent drift. Traceable releases with SBOMs (CycloneDX/SPDX) and deployment logs; OSCAL evidence available on request.
Client. Winoffice AG — a Swiss vendor of SME business software/ERP.
Our role. Long-term partner for sourcing, onboarding, and leading engineering squads; we co-develop ERP modules and integrations under the client’s roadmap and coding standards.
How we run it. Delivery practices align with ISO/IEC 42001 and the NIST AI RMF where AI features are involved; we keep releases traceable with SBOMs (CycloneDX/SPDX) and, when requested, machine-readable control evidence (NIST OSCAL). For repeatable deploys we use policy-as-code guardrails (OPA in CI/services; Kyverno for Kubernetes admission).
Client. WOM Security & Service GmbH (Germany).
What we do. Specification and phased rollout of a practical SME stack: identity & access, network segmentation, backup & recovery, monitoring, and change control — with policy-as-code guardrails for consistent operations.
How we evidence it. Optional SBOMs (CycloneDX/SPDX) and OSCAL bundles for audits; OPA in CI/services and Kyverno at cluster admission to enforce baselines.
Our goal is to develop expert systems configured to solve scientific problems such as understanding the mechanisms of physical effects and phenomena, optimising business processes such as ERP and CRM, and developing intellectual property such as obtaining standard essential patents and seminal patents.
Although publicly available AI systems process high volumes of data, their performance may be marginal when domain expertise is required. To address this issue, we intend to implement our experience in developing a patent portfolio that anticipates breakthrough results in science related to thermoelectric cells that are operable to generate electricity at very small temperature differences that occur in ambient environments. Our approach employs an advanced theory of inventive problem solving (TRIZ). In contrast to the general TRIZ framework, we use advanced ontology-based problem generalisation employing a borderline approach between semantics and pragmatics. An approach based solely on pragmatics for problem generalisation can lead to possible solutions to the generalised problem being restricted to a narrow scope, whereas an approach based solely on semantics can lead to a broad spectrum of possible solutions to the generalised problem being identified, including implausible solutions.
The algorithms for the expert system will be developed in the course of further development of said patent portfolio and physical implementation of the devices claimed in the portfolio. In other words, the algorithms will be further developed using real-life cases of product development.
The second goal of this tandem project is to implement said thermoelectric elements for applications in the field of wearable sensors. 6G ambient sensors, etc. The project aims not only to implement technology using existing materials but also to develop novel materials providing better industrialisation potential. This broad spectrum of objectives will provide a broad spectrum of proven scientific, engineering and technical solutions which can be used for development and optimisation of algorithms of the expert systems mentioned as the other objective of this tandem project.
“A reliable partner in our ERP roadmap: they source and lead focused squads, ship traceable releases (SBOMs, clear tests), and keep velocity predictable—without cutting corners.” — Product Lead, Winoffice AG
“A focused partner for modernising our IT. The team delivered a clear specification and a phased rollout, kept environments consistent with OPA/Kyverno, and provided release evidence (SBOMs/OSCAL) whenever needed. Pragmatic, reliable, and easy to work with.” — Management, WOM Security & Service GmbH
Rödelheimer Weg 24, 65843 Sulzbach (Taunus), Germany
info@tet-service.com
+4961967730645
© TET-Service 2025
