About Me

I am an Information Security Analyst and ISMS Manager specializing in Governance, Risk, and Compliance (GRC) for startups, SMEs, and regulated industries. My work focuses on helping organizations securely adopt AI technologies while aligning with global standards such as ISO 42001, EU AI Act, NIST AI RMF, GDPR, and NDPR. I provide frameworks, policies, and risk-based oversight to ensure AI systems are ethical, transparent, and secure.

Featured Case Studies (On-going)

AI GOVERNANCE SAMPLE DOCUMENT

AI Guiding Principles

My approach to AI governance is built on key principles:

• Fairness & Bias Mitigation: Actively identifying and addressing bias in datasets and models.
• Transparency: Clear documentation of AI functionality, data usage, and decision-making logic.
• Accountability: Defined roles for all AI lifecycle stages to ensure traceability.
• Privacy & Security: Applying privacy-by-design, encryption, and security controls from concept to deployment.
• Human Oversight: Maintaining meaningful human control over AI-assisted decisions.

Governance Structure

• Roles & Oversight: AI oversight embedded in GRC and Security Governance teams. Clear accountability for developers, risk managers, and compliance officers.
• Committees: A lightweight AI Ethics and Compliance committee to review projects, vendor risks, and deployment approvals.
• Integration with ISMS: AI governance is an extension of existing ISO 27001-aligned security frameworks.

Model Inventory Process