IT consulting for companies. Technology decisions with judgment, not by fashion.

The consulting that doesn't sell itself — it gets hired

The word consulting has been worn out by overuse. Too many firms promise "digital transformation" without understanding the client's business, too many decks full of colourful frameworks end up in drawers, and too many 100-page reports never get read past the executive summary. Our way of doing IT consulting is the opposite: few slides, a lot of conversation, a short roadmap, and an explicit commitment about what happens next week.

At Impulso Tecnológico we've been working with management at mid-sized companies in Spain, Portugal and other European markets for 26 years. We have active clients in 25 countries, we've lived through three complete technology cycles (client-server to cloud, cloud to applied AI), and we've seen the projects that work and the ones that fall apart in production. That experience translates into practical advice, not imported frameworks. When a company hires us for consulting, what it gets is direct access to senior practitioners, not a junior team rotating under an unreachable partner.

Technology diagnosis: start by understanding, not by proposing

Almost every consulting project that fails shares the same origin: the consultant arrived with the answer before understanding the question. Our technology diagnosis reverses that order. Before proposing anything, we spend two to four weeks (depending on company size) genuinely understanding the current situation:

• Interviews with the CEO, CFO and head of operations: what business goals are on the table for the next 18–36 months, what technological friction is slowing those goals down, what realistic budget exists.
• Conversations with the internal IT team (if there is one): state of the infrastructure, accumulated technical debt, systems that are painful to maintain, tools that no longer scale.
• Technical inventory: servers, applications, licences, current vendor contracts, renewal dates, hidden costs.
• Key-process analysis: where time is lost, what tasks could be automated, where there's operational risk concentrated in a single person.
• Security and compliance review: status against NIS2, ENS, ISO 27001 or GDPR depending on the client's sector.

The deliverable is a 20–30 page executive report, in business language, with a clear map of the current state, the three to five real priorities, the risks detected and a proposed master plan with phases, budget and dependencies. No opacity, no disguised upsell.

3-year IT master plan: the compass most companies are missing

Mid-sized companies usually live trapped in the urgent: fix what's broken, answer the customer who just called, patch the tool that stopped working. Without a medium-term plan, IT decisions are made reactively, not as deliberate capability-building. Our 3-year master plan orders priorities across three horizons:

• Horizon 1 (0–6 months): the critical — close security gaps, stabilise infrastructure at its limit, eliminate dangerous dependencies on a single vendor or person.
• Horizon 2 (6–18 months): the structural — infrastructure modernisation, cloud migration where it makes sense, consolidation of redundant tooling, automation of key processes.
• Horizon 3 (18–36 months): the strategic — new capabilities that back business growth (analytics, applied AI, integration with customers and suppliers, international expansion with consistent technology).

Each phase comes with a closed budget, dependencies, accepted risks and success metrics. The plan is reviewed quarterly with management — it doesn't get signed and shelved. Technology changes fast, business changes faster, and a master plan that doesn't get updated stops being a plan within six months.

Executive advisory: the consultant who sits next to you

A significant part of our consulting work isn't delivering reports — it's accompanying management day to day. Many CEOs and CFOs at mid-sized companies don't have a technical profile on the management committee, and they're facing technical decisions with serious financial consequences: multi-year cloud contracts, cybersecurity investments, core-system modernisations, M&A operations where IT integration is the critical factor.

For those cases we offer an executive advisory: a senior Impulso person regularly attends the management committee as virtual CIO, reviews contracts before they're signed, evaluates competing proposals, prepares the annual technology plan and helps present it to the board or shareholders. It doesn't replace the internal team — it backs it with external experience and market vision that's hard to build from within.

Virtual CISO: cybersecurity leadership without a full-time hire

NIS2, ENS, demands from corporate clients, insurers asking for technical evidence to renew the cyber policy. Mid-sized companies increasingly need a Chief Information Security Officer (CISO) — but most can't and shouldn't hire one full-time. Our virtual CISO service covers that function on demand:

• Definition and maintenance of the Information Security Management System (ISMS).
• Annual risk analysis and prioritised treatment plan.
• Internal audits and preparation for external audits (ENS, ISO 27001).
• Incident response: when there's a breach, the virtual CISO leads the response from minute one.
• Quarterly reporting to management with measurable security indicators (not smoke).
• Contract support with corporate clients who demand concrete security evidence.

Vendor selection and contract negotiation

A less glamorous but enormously profitable part of consulting is selecting and negotiating with technology vendors. Companies routinely sign cloud licensing, communications, business-software or support contracts that cost double what they should, because no one with technical judgment sat down to read the fine print. We help:

• Define functional and technical requirements before requesting quotes.
• Launch and compare RFPs / tenders against objective criteria.
• Negotiate contracts (price, SLA, exit clauses, data ownership, price-rise conditions).
• Audit billing from cloud and telecom providers — vendor-favourable errors are surprisingly frequent.

The savings detected in the first contract audit alone typically cover several years of consulting fees. It's not marketing — it's what happens in most projects.

Technology due diligence for M&A

When a company buys or merges with another, technology due diligence is one of the chapters most worth running with external judgment. A bad acquisition can hide years of technical debt, poorly documented intellectual property, non-transferable software contracts, hidden security risks, or critical dependencies on people who leave with the deal. Impulso has participated in due diligence for operations in industrial, professional-services and retail sectors, producing reports that have been used both to adjust price and to reorient the operation.

How we work

Every client enters through a free initial assessment (1–2 hours, on-site or remote) → full technology diagnosis with executive report (2–4 weeks) → master plan with phases, budget and priorities → continuous executive advisory as needed (monthly, quarterly or on demand) → quarterly review of the plan with management and adjustment of priorities.

If you need to talk to a senior consultant about an important technology decision this week, call +34 91 505 7575. The first conversation never costs anything.