Company Profile

Gerico Security is a company specializing in expert advice and integrated support in the fields of Information & Cyber Security, Business Continuity and Risk Management. It also provides services for business process certifications and turnkey Governance, Risk & Compliance projects.

It is formed by professionals committed to meeting the demand for security by drawing on the experience gained over the years. This experience comes from carrying out real-time system development (Space and Telecommunication sectors) and from providing support to large critical infrastructures (Gas Transportation and Telecommunication companies), manufacturing companies, and medium and small companies offering value-added services.

In addition to being active in the field of standards and ISO certifications (e.g. ISO27001), Gerico focuses on innovation and niche services:

- Cybersecurity requirements of US Federal agencies in compliance with NIST:

Gerico is one of the first Italian organizations supporting Italian and European DoD suppliers in complying with DFARS 7012/7019/7020 in accordance with NIST SP800-171r2. Since the end of 2020, it has been the Italian point of reference for CMMC - Cybersecurity Maturity Model Certification, having signed a MoU with the USA CMMC-CoE and with the UK CMMC-CoE.

- The new accredited ISO17020 Inspection Body of Gerico

The Cybersecurity Inspection Body is the first of its kind in Italy and Europe. Through it, Gerico can officially attest the cybersecurity maturity level of inspected organizations or providers. Cybersecurity inspections are meant to be an important element in demonstrating the maturity level required by the Italian Ministry of all companies falling within the so-called National Cyber Perimeter or under the NIS EU Directive.


The Company is certified ISO/IEC 27001 (CSQA Cert. 57112) and ISO 9001 (IMQ Cert. 0647.2021 - EA 33, EA 35, EA 37).

Consulting, training, audit, inspections and verification services on:
• Information and cyber security
• Business continuity
• IT Service Management
• Risk Management
• Payment card management (PCI DSS)
Planning of related models, methods of risk analysis and risk management.


Via Antonio Gambacorti Passerini 2, 20900 Monza Monza and Brianza, Italy


    Contact Information
    • Manager

      Giustino Fumagalli

    Our Offices in Italy
    Other Offices in Italy

    Via Val della Torre 39, Torino; Via Montello 4, Gallarate

    Products | Services | Applications | Technologies

    Our services are structured as follows:

    • Advisory

    Gerico provides the client with ad hoc services, bringing its experience to set out or manage appropriate models of risk management and information security governance processes. It protects your information assets, manages crises and maintains operational and business continuity.

    • Inspection Body

    Gerico has the first Inspection Body compliant with the ISO17020 standard in Italy and in Europe. It carries out Cybersecurity inspections and formally attests the current “cybersecurity posture” of an organization.

    • Audit

    Gerico ensures 1st- and 2nd-party audits of Management Systems, or audit activities needed after a cyber incident.

    • Academy

    Upon request, Gerico Academy provides specialised training courses in Information Security, Cybersecurity, Business Continuity and Risk Management, in a classroom setting or remotely.

    The services provided cover the main international best practices and standards on Cybersecurity and Business Continuity. In particular, Gerico offers advisory services, audit services, training courses and certification services compliant with:

    • Cybersecurity ICT and ISMS

    ISO/IEC27001, ISO27701, ISO27017, ISO27018, TISAX, PCI-DSS

    • U.S. DoD Cybersecurity and Federal Agencies Compliance

    NIST SP800-171r2, CSF – Cyber Security Framework, CMMC - Cybersecurity Maturity Model Certification

    • Cybersecurity OT/SCADA and control systems

    ISA62443, NIST SP800-82, EUROCAE ED202A

    • Business Continuity


    • Risk Management

    ISO31000, ISO27005, NIST SP800-30, EUROCAE ED203A

    Our management consulting services enable the creation of a management system for information security and provide a clear vision of a company’s cyber exposure.

    In addition, should an organization need a person responsible for Security Governance, who guides activities and choices according to business needs and strategies, we propose "CISO as a Service" (CISO - Chief Information Security Officer).

    “CISO as a Service” provides organizations with the experience of highly qualified professionals who support such companies for the time strictly necessary. CISO as a Service is entirely ad hoc, tailored to the needs of the Client. Our experience is made available to the Management with the aim of carrying out the most appropriate actions for the business. Methods, services and times are decided by clients accordingly.

    Our Missions & Programmes