eesti

Global site
Africa
Americas
Asia Pacific
Europe
Middle East

Services

Audit control is an integral part of each company’s control procedures required for gaining the trust of clients and partners as well as managing the company.

See Overview

Other audit services
We help clients with the application and use of foreign financial aid of EU and other funds and help prepare financial reports.
Audit calculator
The calculator will answer if the company's sales revenue, assets or number of employees exceed the limit of an inspection or audit.

Corporate accounting and outsourcing

We offer full range of accounting and outsourcing services tailored to your needs.

See Overview

Payroll and related services
We perform payroll accounting for companies whether they employ a few or hundreds of employees.
Tax accounting
Grant Thornton Baltic's experienced tax specialists support accountants and offer reasonable and practical solutions.
Reporting
We prepare annual reports in a timely manner. We help to prepare management reports and various mandatory reports.
Consolidation of financial statements
Our experienced accountants and advisors help you prepare consolidation tables and make the consolidation process more efficient.
Consultancy and temporary staff
Our experienced specialists advise on more complex accounting transactions, rectify poor historic accounting, and offer the temporary replacement of an accountant.
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
Assessment of accounting processes
We help companies to implement accounting practices that are in compliance with local and international standards.
Accounting services for small businesses
We offer affordable service for small businesses. We help organize processes as smartly and cost-effectively as possible.
Cryptocurrency accounting
We keep up with blockchain technology to serve and advise crypto companies. We are supported by a network of colleagues in 130 countries.
Trainings and seminars
Our accountants have experience in all matters related to accounting and reporting. We offer our clients professional training according to their needs.

Related insights:

Women in business Three women’s journey to the top

This International Women’s Day, we shine the spotlight on our newest female leaders—this season, Grant Thornton Baltic’s Estonian office welcomed three new women partners. How did Gaily Kuusik, Terje Liiv, and Anni Vaiksaar reach senior management, and what unique values do they believe women can bring to leadership?

Gerli Soosalu

| 9 min read | 06 Mar 2025

Payroll

We perform payroll accounting for companies whether they employ a few or hundreds of employees. We do not offer one-size-fits-all packages, but always proceed...

See Overview

Legal advisory

We provide entrepreneurs with comprehensive legal advice to contribute to their economic success.

See Overview

Business advisory
We offer legal support to both start-ups and expanding companies, making sure that all legal steps are well thought out in detail.
Fintech advisory
Our specialists advise payment institutions, virtual currency service providers and financial institutions.
Corporate advisory
We advise on legal, tax and financial matters necessary for better management of the company's legal or organizational structure.
Transaction advisory
We provide advice in all aspects of the transaction process.
Legal due diligence
We thoroughly analyze the internal documents, legal relations, and business compliance of the company to be merged or acquired.
In-house lawyer service
The service is intended for entrepreneurs who are looking for a reliable partner to solve the company's day-to-day legal issues.
The contact person service
We offer a contact person service to Estonian companies with a board located abroad.
Training
We organize both public trainings and tailor made trainings ordered by clients on current legal and tax issues.
Whistleblower channel
At Grant Thornton Baltic, we believe that a well-designed and effective reporting channel is an efficient way of achieving trustworthiness.

Related insights:

Labor law Teleworking White Book: state of the art in 15 countries

An overview of remote work developments in 15 countries before, during and after the Covid-19 pandemic.

1 min read | 25 Nov 2024

Business advisory

Whether your company is just starting out, growing rapidly or in a stable stage of life - you need expert advice from time to time to make the right decisions.

See Overview

Business model or strategy renewal
In order to be successful, every company, regardless of the size of the organization, must have a clear strategy, ie know where the whole team is heading.
Marketing and brand strategy; creation and updating of the client management system
We support you in updating your marketing and brand strategy and customer management system, so that you can adapt in this time of rapid changes.
Coaching and development support
A good organizational culture is like a trump card for a company. We guide you how to collect trump cards!
Digital services
Today, the question is not whether to digitize, but how to do it. We help you develop and implement smart digital solutions.
Sales organisation development
Our mission is to improve our customers' business results by choosing the right focuses and providing a clear and systematic path to a solution.
Business plan development
A good business plan is a guide and management tool for an entrepreneur, a source of information for financial institutions and potential investors to make financial decisions.

Financial advisory

Failure to provide sufficient attention to corporate development and financial planning may trigger difficulties.

See Overview

Due diligence
We perform due diligence so that investors can get a thorough overview of the company before the planned purchase transaction.
Mergers and acquisitions
We provide advice in all aspects of the transaction process.
Valuation services
We estimate the company's market value, asset value and other asset groups based on internationally accepted methodology.
Forensic expert services
Our experienced, nationally recognized forensic experts provide assessments in the economic and financial field.
Business plans and financial forecasts
The lack of planning and control of cash resources is the reason often given for the failure of many businesses. We help you prepare proper forecasts to reduce business risks.
Outsourced CFO service
Our CFO service is suitable for companies of all sizes and in all industries. We offer services to our clients in the required amount and competences.
Reorganization
Our experienced reorganizers offer ways to overcome the company's economic difficulties and restore liquidity in order to manage sustainably in the future.
Restructuring and reorganisation
We offer individual complete solutions for reorganizing the structure of companies.

Tax

With more than 25 years of experience, our team offers wide range of tax services in close cooperation with colleagues from the Grant Thornton network.

See Overview

Corporate taxation
We advise on all matters related to corporate taxation.
Value added tax and other indirect taxes
We have extensive knowledge in the field of VAT, excise duties and customs, both on the national and international level.
International taxation
We advise on foreign tax systems and international tax regulations, including the requirements of cross-border reporting.
Transfer pricing
We help plan and document all aspects of a company's transfer pricing strategy.
Taxation of transactions
We plan the tax consequences of a company's acquisition, transfer, refinancing, restructuring, and listing of bonds or shares.
Taxation of employees in cross-border operations
An employee of an Estonian company abroad and an employee of a foreign company in Estonia - we advise on tax rules.
Tax risk audit
We perform a risk audit that helps diagnose and limit tax risks and optimize tax obligations.
Representing the client in Tax Board
We prevent tax problems and ensure smooth communication with the Tax and Customs Board.
Taxation of private individuals
We advise individuals on personal income taxation issues and, represent the client in communication with the Tax and Customs Board.
Pan-Baltic tax system comparison
Our tax specialists have prepared a comparison of the tax systems of the Baltic countries regarding the taxation of companies and individuals.

Mergers and acquisitions

Should you wish to buy out a competitor to boost your business, or, rather, to dispose of your company, the advisers of Grant Thornton Baltic will provide you...

See Overview

Business risk services and internal audit

Our experienced specialists help your organization to regularly assess risks that threaten the fulfillment of goals.

See Overview

Internal audit
We assist you in performing the internal audit function, performing internal audits and advisory work, evaluating governance, and conducting training.
Internal Audit in the Financial Services Sector
We provide internal audit services to financial sector companies. We can support the creation of an internal audit function already when applying for a sectoral activity license.
Audit of projects
We conduct audits of projects that have received European Union funds, state aid, foreign aid, or other grants.
Prevention of money laundering
We help to prepare a money laundering risk assessment and efficient anti-money laundering procedures, conduct internal audits and training.
Risk assessment and risk management
We advise you on conducting a risk assessment and setting up a risk management system.
Custom tasks
At the request of the client, we perform audits, inspections and analyzes with a specific purpose and scope.
External Quality Assessment of the Internal Audit Activity
We conduct an external evaluation of the quality of the internal audit or provide independent assurance on the self-assessment.
Whistleblowing and reporting misconduct
We can help build the whistleblowing system, from implementation, internal repairs and staff training to the creation of a reporting channel and case management.

Information security services

Our experienced and certified experts guarantee high quality services that precisely meet the specific needs and characteristics of each client.

See Overview

Information security management
We provide you with an information security management service that will optimise resources, give you an overview of the security situation and ensure compliance with the legislation and standards.
Information security roadmap
We analyse your organisation to understand which standards or regulations apply to your activities, identify any gaps and make proposals to fix them.
Internal audit of information security
Our specialists help detect and correct information security deficiencies by verifying an organization's compliance with legislation and standards.
Third party management
Our specialists help reduce the risks associated with using services provided by third parties.
Information security training
We offer various training and awareness building programmes to ensure that all parties are well aware of the information security requirements, their responsibilities when choosing a service provider and their potential risks.
Digital Operational Resilience Act (DORA)
We will help you create a DORA implementation model that meets your company's needs and ensures that you meet the January 2025 deadline.

Related insights:

Information security services What is the Estonian information security standard, E-ITS and what approach to take?

The Estonian information security standard (E-ITS) is an Estonian-language standard compatible with the Estonian legal system and developed for ensuring protection for business processes and information systems used for fulfilling public functions.

Marika Rand

| 5 min read | 27 Mar 2025

Sustainability services

We support businesses and investors in conducting business responsibly

See Overview

ESG advisory
We help solve issues related to the environment, social capital, employees, business model and good management practices.
ESG audit
Our auditors review and certify sustainability reports in line with international standards.
Sustainable investments
We help investors conduct analysis of companies they’re interested in, examining environmental topics, corporate social responsibility and good governance practices.
Sustainable tax behaviour
Our international taxation specialists define the concept of sustainable tax behaviour and offer services for sustainable tax practices.
ESG manager service
Your company doesn’t necessarily need an in-house ESG manager. This role can also be outsourced as a service.

Related insights:

Omnibus Package Can Omnibus help us out of the bureaucratic tangle?

On 26 February, the European Commission released significant proposals for easing the European Union’s sustainability rules. Called the Omnibus Package, the proposals covers the Corporate Sustainability Reporting Directive (CSRD), the Corporate Sustainability Due Diligence Directive (CSDDD) and EU Taxonomy regulations.

Alar Urke

| 5 min read | 11 Mar 2025

Human resources and recruitment services

We offer to outsource the HR services in the exact amount and precisely in the section of work that you need.

See Overview

Recruitment services – personnel search
We help fill positions in your company with competent and dedicated employees who help realize the company's strategic goals.
Recruitment support services
Support services help to determine whether the candidates match the company's expectations. The most used support services are candidate testing and evaluation.
Implementation of human resource management processes
We either assume a full control of the launch of processes related to HR management, or we are a supportive advisory partner for the HR manager.
Audit of HR management processes
We map the HR management processes and provide an overview of how to assess the health of the organization from the HR management perspective.
HR Documentation and Operating Model Advisory Services work
We support companies in setting up HR documentation and operational processes with a necessary quality.
Employee Surveys
We help to carry out goal-oriented and high-quality employee surveys. We analyse the results, make reports, and draw conclusions.
HR Management outsourcing
We offer both temporary and permanent/long-term HR manager services to companies.

Related insights:

Company culture Experience: a working group dedicated to supporting values-based corporate culture

Where to start if your company doesn’t have a human resources director and HR policy, and on top of it, has a negative employer net promoter score? Grant Thornton Baltic’s HR director Marge Litvinova and recruiter Kätlin Treima share some valuable experience.

Helen Roots

| 7 min read | 03 May 2024

Digital services

Grant Thornton Digital helps you develop and deploy smart digital solutions that lead your business into the future.

See Overview

Digital strategy
We help assess the digital maturity of your organization, create a strategy that matches your needs and capabilities, and develop key metrics.
Intelligent automation
We aid you in determining your business’ needs and opportunities, as well as model the business processes to provide the best user experience and efficiency.
Business Intelligence
Our team of experienced business analysts will help you get a grip on your data by mapping and structuring all the data available.
Cybersecurity
A proactive cyber strategy delivers you peace of mind, allowing you to focus on realising your company’s growth potential.
Innovation as a Service
On average, one in four projects fails and one in two needs changes. We help manage the innovation of your company's digital solutions!

Related insights:

Case study We advised German company RAUMEDIC

Grant Thornton Baltic OÜ advised German company RAUMEDIC AG on the acquisition of aktsiaselts A&G. RAUMEDIC AG is a leading developer and manufacturer of systems and components and a partner to medical and pharmaceutical industries. Core business of aktsiaselts A&G is production of medical supplies.

2 min read | 13 Jan 2022

Services for crypto companies

As one of the few advisory companies in Estonia, we are competent to offer virtual currency service providers (VASP) support services, such as accounting, tax...

See Overview

Starting business in Estonia?

We know that global expansion is the natural evolution for a thriving business. Whether you’re expanding into new markets, entering Estonia or maximising the...

See Overview

Information security services

What is the Estonian information security standard, E-ITS and what approach to take?

By:

Marika Rand

27 Mar 20255 min read

Contents

E-ITS is based on the internationally recognised information security management standard ISO/IEC 27001 and the German baseline security system BSI IT-Grundschutz. The aim of the standard is to raise the level of Estonian public and private sector organisations’ information security and ensure system-wide security administration.

Along with ISO 27001, E-ITS is one of two possible information security standards that is obligatory to implement for vital service providers, public sector entities and others in the purview of the Network and Information System Security Directive (NIS) 2. They include companies engaged in providing district heat, keeping local roads passable, suppling drinking water and sewerage service and supplying medicines.

What are the steps to implementing E-ITS?

Implementation of E-ITS is a systematic process consisting of the following basic steps:

Mapping business processes

A business process is a set of actions, operations and procedures that can generate goods or services (such as payment service, heating service etc.). The goal of the step is to establish business processes that need security.
Loss analysis

Loss analysis is used to examine potential losses incurred as a result of breach of basic objectives of each business process, i.e. confidentiality, integrity or availability. Losses consist of direct damage (such as a grant forgone or penalty payment due to legal consequences) and indirect damage (such as loss of reputation). Loss analysis provides input for determining the protection needs (need arising from the value of an asset to safeguard the asset).
Defining the protection scope

Activities, services (business processes) and related assets belonging to the protection scope and which will be protected by the information security process in future are defined. The goal is to define and document the protection scope as clearly as possible.
Risk management

A suitable risk management methodology is prepared and a risk management process is carried out, consisting of identification and analysis of risks and planning of risk handling.
Compiling the basic documents for information security

In basic documents the aims and principles of information security are defined, measurable goals are set, and the information security strategy, policy and other necessary basic documents are compiled. Documents needed for implementing specific security measures are not prepared in this stage.
Determining security measures and preparing an implementation plan of information security measures

The information security measures implementation plan is a work plan used by the organisation to apply security measures. The implementation plan describes the timeframe, persons in charge, actions and resources. It is a means of managing and controlling the implementation of the entire information security process throughout the organisation. In order to prepare the information security measures implementation plan, security measures to be taken are defined taking into account the results of previous steps and risk analysis, and the current state of their implementation is established. The information security measures implementation plan is then prepared and priorities of activities are determined.
Implementation of the information security measures implementation plan

Information security measures are implemented pursuant to the implementation plan. Detailed analysis of implementing individual measures is conducted in the course of further work.

Who should implement and audit E-ITS?

E-ITS is obligatory for the following organisations (not an exhaustive list):

public sector institutions;
vital service providers;
other organisations specified in the Cyber Security Act (amendments to the legislation pending, and the list will expand).

A large share of these organisations must also commission an audit of compliance with the terms and conditions of E-ITS.

The following organisations do not have to order one:

micro-enterprise, i.e., service provider with an average of less than 10 employees and whose balance sheet total for the year is not more than 2 million euros;
state museum, museum operated by a person in public law, municipality or city government department, institution administered by municipality or city government department, municipal district or city district government department, institution administered by municipal district or city district government department and local government units’ shared authority and institution, not including cases involving a data processor or data controller for the purposes of the GDPR;
service provider that has implemented security measures conforming to the requirements of ISO/IEC 27001 and submits to the Estonian Information System Authority a certificate to that effect.

Since the Cyber Security Act is being amended, the range of persons required to implement and audit E-ITS may change.

What do I do if the standard seems complicated and I don’t know where to begin?

Take part in the training at the Digital State Academy. Introduction to and implementation of the Estonian information security standard (E-ITS): from protection needs to implementation plan.
Talk to implementers at other organisations; ask for advice.
Take part in Estonian Information System Authority information events.
Read up on the subject on the eits.ria.ee website.
Start implementing, because most of the skills and insights develop as you go.
Contact Grant Thornton Baltic. Write to us using the query form or send an email to our Head of Digital and Information Security Services Artti Aston at artti.aston@ee.gt.com.

What is the Estonian information security standard, E-ITS and what approach to take?

What are the steps to implementing E-ITS?

Who should implement and audit E-ITS?

What do I do if the standard seems complicated and I don’t know where to begin?

CONNECT

ABOUT

LEGAL

What is the Estonian information security standard, E-ITS and what approach to take?

What are the steps to implementing E-ITS?

Who should implement and audit E-ITS?

What do I do if the standard seems complicated and I don’t know where to begin?

Related Insights