Engagement Model
Every engagement follows a structured, confidential process designed for institutional clients who require discretion, precision, and accountability at every stage.
Initial Consultation
Engagements begin with a confidential, obligation-free preliminary conversation. This initial exchange — typically conducted by phone or secure video call — allows both parties to evaluate alignment before any formal commitment. Intarmour does not require detailed disclosure of sensitive information at this stage; the purpose is to understand the nature of the requirement and determine whether our advisory capabilities are appropriate for the engagement.
During the initial consultation, we discuss the general scope of the requirement, the organizational context, any time constraints or regulatory deadlines, and the type of deliverables expected. We also outline our advisory approach, relevant experience in comparable situations, and the confidentiality framework that governs all Intarmour engagements. This conversation typically lasts 30 to 45 minutes and provides sufficient information for both parties to determine whether to proceed to the scoping phase.
Mutual NDA & Scoping
Before any substantive exchange of information takes place, Intarmour executes a mutual non-disclosure agreement with the prospective client. This is a non-negotiable prerequisite for all engagements. Our standard NDA covers bidirectional confidentiality obligations, specifies permitted use of disclosed information, and establishes clear data handling requirements for both parties.
Once the NDA is in place, we conduct a detailed scoping call. This session is designed to define the precise boundaries of the engagement: systems in scope, stakeholders involved, regulatory frameworks applicable, geographic jurisdictions, transaction timelines, and any existing security assessments or documentation that may inform the advisory work. For M&A engagements, this includes understanding the target company profile, deal structure, and Investment Committee reporting requirements.
Clients may use their own NDA if preferred. In such cases, Intarmour reviews the proposed terms and may suggest amendments to ensure reciprocal protection of both parties' confidential information.
Proposal & Scope Definition
Following the scoping call, Intarmour prepares a detailed proposal document. This is not a generic capabilities brochure — each proposal is written specifically for the engagement at hand. The proposal includes a clearly defined scope of work, methodology description, deliverable specifications, timeline with milestones, team composition, and terms of engagement.
Proposals are typically delivered within five business days of the scoping call. Complex, multi-phase engagements or those involving multiple jurisdictions may require additional scoping discussions before the proposal is finalized. We welcome questions and revisions — proposals are working documents intended to reach mutual agreement on scope and expectations before work begins.
All proposals include explicit assumptions, exclusions, and conditions. This level of specificity protects both parties by establishing clear expectations and preventing scope ambiguity. Change management procedures are defined for any scope modifications that arise during the engagement.
Engagement Structures
Project-Based
Fixed-Scope Advisory
Defined scope, deliverables, and timeline. Appropriate fortechnical due diligence, NIS2 gap assessments, pre-IPO security reviews, and post-merger integration planning. Each project engagement includes a clear statement of work, milestone schedule, and final deliverable package.
Typical duration: 2–12 weeks depending on scope
Retainer-Based
Ongoing Advisory Access
Continuous strategic advisory for organizations requiring sustained cybersecurity leadership. Virtual CISO engagements,board advisory mandates, and portfolio-level security oversight. Retainers include defined monthly advisory hours, quarterly deliverables, and priority access for emerging issues.
Typical commitment: 6–12 months minimum
Some engagements combine both structures — for example, a project-based due diligence engagement that transitions into a retainer for post-acquisition advisory support. Intarmour is flexible in structuring arrangements that align with client requirements and transaction timelines.
Deliverables & Communication
Every Intarmour engagement produces substantive, written deliverables. We do not provide verbal-only advisory; all findings, recommendations, and strategic guidance are documented in structured reports intended for executive and board-level audiences. Deliverables are designed to be actionable — clear conclusions, prioritized recommendations, and implementation guidance.
Communication protocols are established at the start of each engagement. This includes designation of primary points of contact on both sides, preferred communication channels, regular status update frequency, and escalation procedures. For transaction-related engagements, communication protocols are aligned with deal team structures and data room access procedures.
Sensitive findings are communicated through secure channels. We offer PGP-encrypted email for written communications and can accommodate client-specified secure collaboration platforms. Draft deliverables are reviewed with designated client stakeholders before finalization to ensure accuracy, completeness, and alignment with internal requirements.
Confidentiality Standards
Confidentiality is not an add-on — it is foundational to every Intarmour engagement. Client identities, engagement details, transaction information, and all findings remain strictly confidential. We do not reference client names in marketing materials, proposals to other clients, or public communications without explicit written authorization.
Information compartmentalization is standard practice. Where Intarmour conducts concurrent engagements, strict information barriers are maintained between engagement teams. Conflict of interest screening is performed before accepting any new engagement, and any potential conflicts are disclosed and resolved before work begins.
Post-engagement, all client data is handled in accordance with our Confidentiality & Discretion policy. Working files are securely disposed of according to agreed retention schedules, and final deliverables are archived under encryption with access strictly limited.
Ready for institutional-grade
cybersecurity?
Confidential assessments for qualified Private Equity and Family Office entities requiring sovereign defense infrastructure.