Skip to main content

Hamburg Digital Check

Your information security and digitalisation, assessed in two weeks, with 50% of the fee funded by IFB Hamburg.

A fixed-fee assessment of where your Microsoft and Azure setup is exposed and where digitalisation pays back. It ends in the Realisierungskonzept the Hamburg Digital Check requires, so IFB Hamburg reimburses 50 percent of the fee, up to €7,500.

Fixed fee
€15,000
Duration
2 weeks
IFB funding
up to €7,500

At a glance

Fixed fee
€15,000
Duration
2 weeks
IFB funding
up to €7,500
Markets served
DACH and Benelux

Who it's for

  • You run a Hamburg business under 250 people, and information security and digitalisation keep losing to more urgent spending.
  • You want an independent read of where your Microsoft and Azure setup is exposed, and where moving manual work onto it pays back, not a pitch for more licences.
  • You qualify for the Hamburg Digital Check and want a partner whose deliverable is built to fit what IFB Hamburg funds.
  • You have already been turned down for other Bund or Land funding programmes and want a grant that is actually designed for a company your size.
  • Your IT is run by one internal person or an external freelancer, and you want a second, independent opinion before the next security incident forces one.

Scope and format

Two weeks, remote-first, with on-site sessions at your Hamburg office. Senior architects assess the two areas the Hamburg Digital Check funds. On information security: your identity and access setup in Entra ID, your exposure across Microsoft 365 and Azure, your backup and recovery position, and the gaps an attacker would use. On digitalisation: the manual processes that could move onto your Microsoft setup, ranked by what each one pays back. The work ends in one Realisierungskonzept that names the measures, the sequence, and the effort. You give us read-only access to the systems in scope and one point of contact.

What you get

Information security assessment

Your identity, access, data, and backup posture across Microsoft 365 and Azure, with the specific gaps named and ranked by risk. That covers Conditional Access policy gaps and privileged role assignments in Entra ID, assessed against the two outcomes that matter most: an attacker gaining access, and data that can't be recovered.

Digitalisation read

The manual processes worth moving onto your Microsoft setup, each scored on the work it removes and what it costs to build.

Implementation concept (Realisierungskonzept)

The concrete implementation concept the Hamburg Digital Check requires: every measure named, sequenced, and costed enough to act on or to commission.

Conditional Access and privileged role map

Every admin role and every Conditional Access policy in Entra ID listed against who holds it and whether that still matches who needs it.

Prioritised backlog

Every finding from both areas in one list, ranked by risk and effort, written so your team or any partner can pick it up.

Funding-ready documentation

The scope and cost breakdown structured for the IFB Hamburg eAntrag, plus a readout session to walk the findings and agree what happens first.

Pricing

A fixed fee of €15,000. The Hamburg Digital Check reimburses 50 percent of eligible consulting costs, capped at €7,500, so your net cost is about €7,500. You apply through the IFB Hamburg eAntragsportal before we start, and we provide the scope and cost breakdown the application needs. The grant is decided by IFB Hamburg, subject to eligibility and available funds. If you commission us to implement afterwards, the fee credits in full against that engagement when booked within eight weeks.

After the Hamburg Digital Check, IFB Hamburg reimburses 50 percent of the fee, up to €7,500. On a €15,000 engagement, your net cost is about €7,500.

Where your data sits

A remote-first engagement with on-site sessions in Hamburg. We work with read-only access scoped to the assessment and revoked on completion. No data leaves your environment, and we sign your data processing agreement before we start. Where data residency matters, your Microsoft workloads stay in the Germany West Central Azure region.

Governance & compliance

  • Read-only access, scoped to the assessment and revoked on completion.
  • A signed data processing agreement before kickoff.
  • GDPR Article 44 data-transfer restrictions checked as part of the security assessment.
  • The deliverable documented to the standard the IFB Hamburg application cites.
Read our governance approach

Free guide

The Hamburg Digital Check, explained

A short guide to the funding: who qualifies, how much comes back, the condition most applicants miss, and how to apply. Most rejected applications fail on timing, not eligibility, so the guide puts the apply-before-you-start rule first, not last. The PDF downloads right after the form.

  • Eligibility in plain terms: Hamburg base, size limits, and the de-minimis ceiling that catches companies who have already drawn on other Hamburg or federal grants this year.
  • The 50 percent / €7,500 math, and what counts as eligible: the licences and hardware you would have bought anyway usually do not.
  • Why you have to apply before the work starts: a contract signed or work begun ahead of the application can disqualify it.
  • The eAntragsportal steps, from application to reimbursement, including the evidence the reimbursement claim needs to hold up.

Common questions

Is my business eligible?

The Hamburg Digital Check is for legally independent SMEs, skilled-trades businesses, and liberal professions with an operational base in Hamburg, under 250 employees and within the EU SME turnover or balance-sheet limits. You also need room under the EU de-minimis ceiling. Our Hamburg Digital Check guide sets out the eligibility rules in full, so you can check where you stand before you get in touch, and we confirm it with you before you apply.

What do I actually pay?

The fee is €15,000. IFB Hamburg reimburses 50 percent, up to €7,500, so your net cost is about €7,500. The grant is approved by IFB Hamburg, subject to eligibility and available funds.

Do you handle the funding application?

You submit the application through the IFB Hamburg eAntragsportal, in your own name. We provide the scope, the deliverable description, and the cost breakdown the application needs. The Hamburg Digital Check is approved before the work begins, so we scope and quote first, you apply, and we start once it is through.

How long is the funding available?

The current funding window runs into late 2026, subject to available funds, and the budget can run out before then. Applying early is the safer move.

What if I want you to implement the measures?

The Realisierungskonzept is written to be handed to any partner. If you want us to do the work, the assessment fee credits in full against that engagement when booked within eight weeks, and the Hamburg-Kredit Digital loan programme can fund the implementation itself.

Who actually carries out the assessment?

Senior architects run the assessment, certified by Microsoft across Azure architecture, security, and identity. The same architects write the Realisierungskonzept, so the person who names a gap is the one who writes the fix, not a separate report-writing team.

Will this disrupt our day-to-day IT operations?

No. The assessment runs remote-first over the two weeks, with on-site sessions scheduled around your team, not the other way round. We work from read-only access, scoped to the systems in the assessment and revoked the moment it ends, so nothing changes in your environment while we work.

Do we have to commission the implementation to get value from this?

No. The Realisierungskonzept, the prioritised backlog, and the funding-ready documentation are yours at the end of the two weeks, regardless of what you do next. They are written to be handed to your own team or to any other partner, not only to us.

Can we combine the Hamburg Digital Check with other Hamburg or federal funding?

Often yes, subject to the EU de-minimis ceiling across all funding received. We check this specifically against your history before you apply, so the application does not get rejected on a technicality.

What happens if IFB Hamburg rejects the application?

You keep the assessment, the Realisierungskonzept, and the backlog regardless. The fee itself is due either way; the funding only affects your net cost, not whether the work happens.

Do you work with businesses outside Hamburg too?

Yes, under the Azure Architecture Review or the Microsoft Landscape Assessment. The Hamburg Digital Check itself is only open to businesses with an operational base in Hamburg, per the funding rules.

Does the assessment cover on-premises IT, or only Microsoft cloud services?

Both, where they interact. The information security half looks at how on-premises systems connect into Microsoft 365 and Azure, since that boundary is usually where the exposure sits, not the licensing tier.

What language is the Realisierungskonzept delivered in?

German, since that is what the IFB Hamburg application and your own team need. We can provide an English summary alongside it on request.

Can we apply for the Hamburg Digital Check more than once?

The programme is designed around one assessment per eligible period; check the current terms with IFB Hamburg for your specific case. If you have already used it, the Azure Architecture Review or the Cloud Security & Identity Review cover the same ground without the funding step.

Request the assessment