Home Blog
Services
IT Audit
IT Budget Audit
vCIOInterim IT ManagementCounter-ExpertiseBackup Testing and Recovery ReadinessIncident RecoveryStrategic PlanningProvider Relationship ManagementExpert WitnessLaw 25 ComplianceSME OfferHuman ResourcesHR Compliance and IT PoliciesLaw 27 CompliancePay Equity and CompensationIT PlacementISO 27001 SupportCAN/DGSI 104 SupportSOC 2 Readiness SupportCPCSC SupportTGV Certification SupportQuebec Edtech ComplianceCyber Insurance SupportCrisis Tabletop ExerciseISO/IEC 42001 AI Governance
ContactSchedule a callOur TeamAbout Us
Français
HomeBlogServicesContactSchedule a callOur TeamAbout Us
Français

Independent advisory firm in IT governance and cybersecurity.

Factero supports executive teams in the structuring decisions they need to make about technology. The firm does not resell equipment, license software, or provide managed services, and receives no commission from any software vendor, MSP or integrator. Its independence rests on its judgment: recommendations answer the client's needs, never a commercial interest.

Why Factero exists

Very often, technology advice and the sale of solutions come from the same firm — the integrator, the reseller, or the managed services provider. These firms play an essential role in execution. But advising and selling follow two different logics: when they sit in the same company, a recommendation can follow the catalogue as much as the client's actual need. Factero keeps the two clearly separate: we advise, we do not sell the solution.

Factero was founded to offer another option. The firm's value doesn't lie in what gets purchased next, but in the quality of the decision the client makes. At the close of an engagement, the organization walks away with a clear picture of its situation and an action plan it can execute on its own, with its internal team, its current supplier, or any other provider it selects.

This approach applies equally to a small or mid-sized enterprise, a not-for-profit, a municipality, or a large organization. The method does not change with the size of the client.

What sets us apart

An enforceable independence charter

Many firms claim independence. We chose to make ours verifiable. Our Independence Charter is a public document in twelve articles, enforceable on every engagement. It establishes the primacy of the client's interest, the separation of decision and execution, the duty to refuse a project that should not be deployed, and the traceability of every judgment we make.

Contractual confidentiality

Each engagement begins with the signing of a formal confidentiality agreement in favour of the client, before any information is exchanged. Nothing — findings, documents, access, or even the existence of the engagement — is shared without your written authorization. That is why you will find no client logos or identifiable testimonials on this site. Trust is earned through rigour, not through displayed references.

An audited corporate certification

Factero is certified under CyberSecure Canada (CAN/DGSI 104:2021), a corporate certification audited by an independent third party and publicly verifiable in the official registries. The firm did not pursue certification as a formality, but for consistency: we apply to our own organization the standards we evaluate at our clients. This same discipline supports one of our principal services — guiding clients toward certification across a range of frameworks, including CyberSecure Canada and ISO 27001. In our view, a firm that guides clients toward certification should hold one itself. It is the only real proof that the firm has gone through the process itself.

Documented methods

Our methods don't depend on personal style. They are documented and applied the same way on every engagement, according to recognized governance and audit frameworks: NIST-CSF and ISO 27001. Our reports are written to be read directly by an executive team, a board, an auditor, or a financial partner, without rewriting or simplification.

A firm, not a consultant

Factero is an advisory firm, not a consultant. The difference is structural, not cosmetic: a written charter rather than a personal promise, a corporate certification rather than a CV, documented methods rather than a style. Founded in 2022 and based in Saint-Jean-sur-Richelieu, the firm operates in Quebec, Ontario, and New Brunswick. Engagements are conducted by a network of contractual expert partners, coordinated under a single Independence Charter and a single confidentiality commitment. Their fields cover strategic direction and governance, senior technical expertise, human resources, regulatory compliance, and recruitment. If the person you spoke with changes, the firm remains — and the engagement with it. When selecting a supplier or subcontractor, particularly in IT and cybersecurity, financial and operational due diligence matters as much as technical evaluation. A company in financial difficulty represents a real risk to continuity of service, knowledge transfer, sensitive data handling, and the ability to honour a contractual commitment over time. Before signing with anyone, ask for the proof: legal form, auditable corporate certifications, reasonable visibility on financial health, proof of insurance, and verifiable references. We apply these criteria to our own expert partners — and we expect you to apply them to us.