Written by Laurent Dupont

A day in the life of Cedric Foccaert

Ever wondered what a typical day looks like for a Toreon consultant? Cedric, an expert in Governance, Risk, and Compliance, spends his day balancing tasks like developing tailored solutions for SMEs and helping clients prepare for ISO27001 audits. His days are filled with varied responsibilities, team collaborations, and ongoing learning. Follow along as he navigates a busy day, setting the tone for the rest of the week.

11/03/2025

The start of a new week!

Monday is always a very diverse day where I ensure a touchpoint with all of my projects and prioritize different tasks to be performed the rest of the week. It is the perfect day to be at the office, allowing for short syncs with different colleagues.

I started off with a project led by a colleague from the GRC (Governance, Risk, and Compliance) team. He is supporting an SME to become SOC 2 compliant and requested me, a colleague from the Data Security team, to provide a hands-on proposal to reduce the risk of data leakage by securing the BYODs (Bring Your Own Devices) and introducing sensitivity labels to documents. After the meeting last week with the customer about a draft, I can now finalise the proposal, keeping in mind their existing subscriptions, company policies, and company culture.

Toreon successfully rolled out multiple data leakage prevention implementations at larger organizations using Microsoft Purview. We noticed a growing interest in these solution from SMEs as well. Our tailored data leakage prevention offering towards SMEs is what I will contribute to next. We will definitely take Microsoft’s recent release of the 365 E5 Security add-on for Business Premium users into account!

My stomach kindly informs everyone around me that we are closing in on the lunch break. Before lunch, however, I am picking up an important project that I will be working on for most of the remainder of the day. I am helping a client prepare for their upcoming ISO27001 audit. My focus goes towards interviewing the more technical profiles and translating their knowledge into processes and procedures. By translating, by answering their questions, and by following up on their concerns, I coach them in the ways of the force ISO27001.

Providing ISO27001/2 support is uncommon for a Data Security Consultant. I, however, started as a GRC Consultant. Thanks to Toreon’s training days and budget, I was able to expand my cloud security skills and transition into Data Security. Now, I am perfectly positioned to bridge the gap between technical aspects and governance. Before wrapping up today, I will update my Personal Development Plan and send it to my Team Lead. He will provide his insights to fine-tune my development plan and better enable me to achieve the goals I set forward.

Tomorrow, I have got an on-site day planned dedicated to one client only: very different, equally impactful.