Aligning a Romanian ministry IT estate with NIST CSF in 90 days

A national ministry needed to align hundreds of legacy systems and processes to NIST CSF before an EU funding milestone, with no clear baseline of where they stood across Identify–Protect–Detect–Respond–Recover.

WPROIT consultants ran a structured maturity assessment, mapped each control to existing evidence, prioritised the gap-closure backlog by funding-deadline risk, and provided weekly steering-committee reporting.

The ministry reached "Tier 3 — Repeatable" maturity across all five functions ahead of the deadline, securing the next funding tranche and a clear roadmap to Tier 4.