About our company

Who We Are / What We Do

Who We Are

FACT Technologies is an independent entity which specialises in information systems assurance and information security.


Our aim is to assist companies which are looking at improving their operations, processes, and standards when it comes to the use of IT in their businesses. This can vary from more simple engagements such as documentation reviews and process analysis to full information security assessments or business process reengineering.


We are a boutique firm which employs experienced professionals and offer tailor made services to a variety of different sized companies depending on their requirements, expertise and resources.

What We Do

Our main services consist of IT advisory and auditing, project management, policy writing and implementation, gap analysis with respect to ISO27001 guidelines and related ISO best practice standards, risk and security assessment, IT controls assessment, business continuity planning, IT Governance, penetration testing, information security health checks, and other information security related services.


We also offer specialized regulatory related services within the remote gambling and blockchain industries. We have several years of experience in carrying out Systems and Compliance audits on behalf of the Malta Gaming Authority (MGA), and RTS audits for the United Kingdom Gambling Commission (UKGC). We are also able to manage the licensing application process in order to be granted a license both by the MGA and UKGC.


FACT Technologies is also a one stop shop for companies which are looking at achieving the ISO27001 certification, as we are able to assist clients in achieving all the framework’s requirements and work closely with a number of renown accreditation companies which would then carry out the auditing process and provide the official certification.

John Micallef

IT Partner

John is a seasoned IT auditor and well-known name in the Maltese Remote Gambling Industry. He is a BSc Honours graduate in Computing and Information Systems from the Goldsmiths University of London and is also a Certified Information Systems Auditor (CISA).


John has more than ten years of experience in conducting IT audits and IT consultancy work, in particular Systems and Compliance audits on behalf of the Malta Gaming Authority. He has also worked directly for one of the largest locally based remote gambling companies managing their license applications and ongoing compliance requirements in Belgium, Denmark, Italy and Malta. Previously, he was also seconded directly with the MGA to carry out System Documentation Reviews on behalf of the Authority.


He has also carried out various engagements related to the ISO27001 standard, by either carrying out a gap analysis on clients, or by preparing clients in the documentation and implementation of the standard’s requirements, in preparation to undergo the ISO27001 audit. He has also carried out various IT advisory assignments including project management, risk assessment as well as writing of policies and procedures and managing their implementation.

Ryan Cachia

Information Assurance Manager

Ryan is a BSc Honours graduate in Business and Information Technology from the University of Malta and is also a Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC).


Ryan specializes in Information Security Management Systems, Information Security Policy, IT Controls, Network Security, IT Risk Mitigation and Vulnerability Assessments. He was previously employed with a leading B2B gaming company where he was responsible for the ISMS framework and the company’s information security.


He has also carried out various audits on gaming and finance companies, as well as on blockchain exchanges and ICOs, and his experience and expertise in identifying weaknesses and areas of improvement has provided significant input to several companies.

Loc Phan Van

Information Security Manager

Loc is a B.E. graduate in Cyber Security Engineering from the Tallinn University of Technology and is also an Offensive Security Certified Professional (OSCP).


He is a Cyber Security professional with over 5 years of experience in Banking Identity, Blockchain Security, Web Application & Mobile Application Pentesting/Audit, Smart Contract Audit, and Code Review. He has carried out various security engagements for large organisations identifying key vulnerability issues and other areas of weakness.


Loc is also a top 25 contributor of OWASP (MSTG project) and an author of several security research papers.

Language »