Through transformation work, I help organisations turn strategy into working change once it meets people, habits, history, delivery constraints, governance, and operating reality.
Through governance and InfoSec work, I help build practical management systems for information security, risk, assurance, and change.
Alongside these core areas, I also take on selected Due Diligence & Risk work where leadership needs a more grounded view of technology, delivery, and operational exposure.
Transformation
This work focuses on making change happen in the real organisation, not in programme documents alone. It connects strategy, delivery, feedback, measurement, and improvement.
It’s for organisations that need strategy to survive contact with delivery, governance, and operating reality rather than stay trapped in programme language.
Governance & InfoSec
Governance and InfoSec work helps organisations build practical management systems for information security, risk, assurance, and change.
The work often includes ISO 27001 and related governance across risk assessment, policies and procedures, technical controls, evidence, monitoring, audit readiness, and improvement — with the emphasis on systems that can actually be used.
Due Diligence & Risk
Due Diligence and Risk work helps leadership understand risk in context when technology, operating models, and delivery assumptions need closer scrutiny.
It is useful where the question is not just whether something looks plausible, but how it actually works, what it depends on, and where the meaningful risks sit across technology, governance, and delivery.