Recommended expert

Gabriele Bolek-Fügl

Founder and Managing Director

Gabriele Bolek-Fügl
Vienna, Austria

Experience

Apr 2024 - Present
1 year 10 months
Vienna, Austria

Founder and Managing Director

PaiperOne GmbH

  • Development, acquisition, consulting and controlling
  • Implementation of ISO 42001 certification
  • Software as a Service in AI compliance and consulting
  • AI training for the staff of two Austrian publishing groups
  • AI training for the management of the state of Lower Austria
  • AI strategy workshop for a Styrian and a Salzburg municipality
  • AI workshops for the House of Digitalization in Tulln
  • AI trainings for municipalities at the KDZ
  • Conducting “Certified AI Compliance Officer” training at the Academy for Internal Audit
  • Organizational consulting on AI governance at the Austrian Health Insurance Fund (ÖGK)
  • Project support for “homepage chatbot at the öbv”
  • Certification audits at Austrian Standards (AI Manager)
  • Design of an AI governance platform including a chatbot for EU AI Act questions
Oct 2020 - Present
5 years 4 months
Vienna, Austria

Founder and Managing Director

Compliance 2b GmbH

  • Acquisition, sales, consulting and accounting
  • Software as a Service in whistleblowing
  • Project management for an Austrian bank on regulatory matters (2021–2025)
  • Risk reporting for the bank
  • Expansion of monthly, quarterly and annual reporting
  • Automation of reporting
  • Taking on the internal audit function for Austriacard Holding AG (2022–2025)
  • Supporting internal audit in IT audits at the Federal Ministry of Justice Austria (2022–2023 and Q2 2025)
  • Conducting “Auditing AI” trainings at the Academy for Internal Audit (2023–2024)
  • Conducting data protection (GDPR) trainings
  • Conducting “Certified Whistleblowing Officer” trainings at the Academy for Internal Audit (since 2022)
  • Operating a whistleblowing platform under the EU Directive, German Whistleblower Protection Act and Austrian Whistleblower Protection Act
  • Support in implementing a whistleblowing compliance organization (2022–2024)
  • Analyses of whistleblowing reports from our clients (since 2022)
Feb 2015 - May 2020
5 years 4 months
Vienna, Austria

Director Compliance Solutions

BDO Austria GmbH

  • Authorized signatory for BDO Consulting GmbH
  • Acquisition, sales, consulting and controlling
  • Conducting IT risk assessments as part of annual audits (approx. 170 individual audits per year with a team of 7–10 staff, including 3 private banks)
  • Consulting on implementing IT standards in companies
  • Audits under IDW PS 880 and ISAE 3402
  • Supporting online betting providers with gaming compliance systems and online gaming license applications in multiple countries
  • Consulting on and implementing measures for EU GDPR
  • Trainings on data protection (GDPR) and information security
  • Various IT audits as part of internal audit engagements
  • Software evaluation of ERP systems
  • Handling fraud projects and investigations related to cyber security insurance
  • Designing a new IT environment for a medium-sized family business
  • Data protection officer for BDO Austria (2018-05–2020-03)
  • Monthly controlling
  • Staff management, annual reviews and new hires
Nov 2010 - Jan 2015
4 years 3 months
Vienna, Austria

Partner and Senior Consultant

corporate quality consulting GmbH

  • Acquisition, marketing/sales, consulting and controlling
  • Signing authority
  • Feasibility study, concept development, professional staff assessment and implementation of IT demand management including change management at a public transport company
  • Design and execution of workshops, development of an IT strategy and definition of processes for the continuous development of the IT strategy at a transport company
  • Trainings in agile project management (SCRUM)
  • Creation of an IT risk catalog for the Antares RIMIS platform
  • Design, training and implementation of a quality management system for rehabilitation clinics including change management at an Austrian rehabilitation provider
  • Support in building an efficient internal control and risk management system at a private bank in Vienna
  • Design of SAP GRC for a public administration data center
  • Annual development of short-term corporate strategy including budget planning, marketing activities, training and client analysis
  • Monthly controlling
  • Staff management and hiring
  • Risk and quality management activities (ISO 9001 certification)
Feb 2006 - Nov 2010
4 years 10 months
Vienna, Austria

Senior Manager and Authorized Signatory

Deloitte Wirtschaftsprüfungs GmbH

  • Operational management of the internal audit, risk management and IT audit department
  • Authorized signatory
  • Support for annual audits: planning, coordination, project management and conducting approx. 400 individual audits per year (IT systems, processes, internal controls, risk management) with a team of 12–18 staff, including BAWAG, ÖVAG and Constantia Bank
  • Support for internal audits of clients in Austria and Eastern Europe (review of group policy implementation, IT audits, SAP authorization audits, process and control reviews)
  • Risk management projects: building and auditing risk management systems at a UN organization, an Austrian energy provider and a large automotive company; facilitating risk management workshops at a textile firm
  • Conducting compliance audits for archiving systems
  • License audits in Austria for Microsoft
  • Support in forensic projects (data analysis, processes)
  • Annual planning of budget, resources, marketing activities, training and client analysis
  • Maintaining relationships with partner firms
  • Departmental accounting and controlling
  • Staff management, annual reviews and hiring
  • Internal quality management activities and implementation of international network standards
  • Trainings for IT auditors in the Deloitte network (SAP and IT audit)
Mar 2004 - Oct 2004
8 months
Vienna, Austria

Head of IT Security, Risk and Process Management

ARZ Allgemeines Rechenzentrum GmbH

  • Established internal risk and process management
  • Designed and introduced an efficient process management system for data center operations (project lead)
  • Designed and built an efficient risk management system (project lead)
  • Supported and coached the setup of internal audit
  • Point of contact for external auditors (statutory auditors and SAS 70 certification)
Apr 2000 - Feb 2004
3 years 11 months
Vienna, Austria

Department Head

KPMG Austria GmbH

  • Led a team of IT auditors
  • Manager of the IT department in Vienna (authorized signatory)
  • Planned, coordinated, managed projects and conducted various compliance audits as part of annual audits (Raiffeisen Bank, Bank Austria, BAWAG, Volksbanken)
  • Project leader for network security audits
  • Conducted internal audit projects in Austria
  • Planned the annual departmental resources for the audit and IT service department
  • Defined internal service level agreements and provided applications
  • Planned marketing activities for the IT audit department
  • Maintained relationships with partner and network companies
  • Locally adapted and implemented international corporate identity guidelines
Oct 1995 - Mar 2000
4 years 6 months

IT Auditor

KPMG Deutsche Treuhand Gesellschaft

  • Conducted various compliance audits as part of annual audits (including Bayerische Landesbank)
  • Led IT security audits of online home banking applications (Deutsche Bank, Bankgesellschaft Berlin, Bayerische Vereinsbank)
  • Carried out international audit projects (USA, Australia, Hong Kong, Netherlands, Austria, Russia) for the internal audit of Siemens AG
  • Internal IT auditor for the global KPMG network
  • Conducted IT security training in Germany

Summary

After earning my diploma in business mathematics, I started my professional career at KPMG. In total, I have worked for over 22 years at Big 4 firms and consulting companies in areas such as IT security product portfolios, process audits, risk management and internal audit. Between 2015 and 2020, I worked at the international audit network BDO, where I also explored new technologies like blockchain and artificial intelligence, and I served as data protection officer for BDO Austria for two years. Since May 2020, I have focused on founding the local chapter of Women in AI Austria, where I was vice president until early 2025. In October 2020, I founded my startup Compliance 2b GmbH, running an internal whistleblowing channel for companies that uses trusted AI to support the client's case handlers in analyzing reports. In April 2024, I co-founded PaiperOne GmbH with two other founders, which develops an AI compliance platform to implement the EU AI Act and offers workshops and training in AI. I am also co-author of the book "KI-VO", published in November 2024.

Languages

German
Native
English
Advanced

Education

Oct 1989 - Sep 1995

University of Ulm

Diploma in Business Mathematics · Business Mathematics · Ulm, Germany

Apollon Hochschule

Master of Health Economics · Health Economics · Bremen, Germany

Certifications & licenses

Certified AI Compliance Officer

Akademie Interne Revision

Certified Whistleblowing Officer

Akademie Interne Revision

IEEE 7000 Valuebased Engineering

IEEE.org

IEEE Zum CertifAId Assessor

IEEE.org

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Zoran Jovanovic
Zoran Jovanovic

Senior IT PM & Governance & Operational Resilience Consultant | Financial Services

View Profile
Alexander Sänn
Alexander Sänn

Owner and Managing Director

View Profile
Federico Leefhelm
Federico Leefhelm

ISO – Senior Consultant Quality & Information Security

View Profile
Michael Schwendemann
Michael Schwendemann

Compliance Consultant

View Profile
Markus Willems
Markus Willems

KRITIS Consultant

View Profile
Björn Bausch
Björn Bausch

Project Manager NIS-2

View Profile
Károly Aczél
Károly Aczél

NIS2 & Risk Strategy Consultant

View Profile
Sandra Klinkenberg
Sandra Klinkenberg

Webinar Leader - Blackout Prevention and Preparation

View Profile
Lucas Löcken
Lucas Löcken

Consultant in Information Security, Data Protection and Business Continuity Management

View Profile
Volkmar Jaekel
Volkmar Jaekel

Consultant

View Profile
Herbert Fuchs
Herbert Fuchs

Oracle Fusion Transformation Program Lead

View Profile
Michael Thiemann
Michael Thiemann

Advisor

View Profile
Burkhard Hinz
Burkhard Hinz

Consultant for Data Protection, AI, Compliance and Organizational Development

View Profile
Christine Schmitt
Christine Schmitt

Lead OT Security | Industrial Cybersecurity | Cyber Program Manager | CISO Advisor

View Profile
Michael Vogelbacher
Michael Vogelbacher

AI Project Management and Governance Setup

View Profile
Ina Rothe
Ina Rothe

Consultant

View Profile
Swetlana Liebig
Swetlana Liebig

IT Audit; Internal Control; SOX

View Profile
Christian Schmitt
Christian Schmitt

Operation Manager

View Profile
Volker Jung
Volker Jung

Interim CISO (Germany, Austria, US, APAC), Auditor

View Profile
Christine Mährle
Christine Mährle

Management Consultant

View Profile
Jörg Hoffmann
Jörg Hoffmann

Managing Director; Data Protection Officer; Information Security Officer

View Profile
Maxim Ribakowski
Maxim Ribakowski

Information Security Officer

View Profile
Patrick Von der gönna
Patrick Von der gönna

Senior Director, Retail Media

View Profile
Achim Klein
Achim Klein

Portfolio Manager, Consultant, Leadership Coach

View Profile
Christian Gebhardt
Christian Gebhardt

Deputy Chief Information Security Officer

View Profile
Nikolaus Betzler
Nikolaus Betzler

ICT Risk Management and Information Security

View Profile
Manuel Kathofer
Manuel Kathofer

Overall Project Manager for the Global Roll-Out of a Quality and Document Management System

View Profile
Stefan Radushev
Stefan Radushev

ISO27001 Certification

View Profile
Burak Gücer
Burak Gücer

Senior Consultant

View Profile
Ronald Foerster
Ronald Foerster

IT Consultant & Professional Training

View Profile