Orbit is a small Devon-based consultancy driven by the genuine enthusiasm and desire of its staff to help small and medium-sized businesses improve their security and overall resilience.
One way or another, ISO management systems have been part of my life for the last 15 years. I implemented systems at my own manufacturing companies and then as principal consultant for Orbit I’ve been implementing ISO 27001 systems for clients and delivering ISO 27001 training and ISO 27001 lead auditor services.
My whole career has been dominated by IT, Security and ISO management systems so a move towards Information Security and ISO 27001 was, in retrospect, inevitable. For the last 7 years I’ve been focused on implementing new information security management systems, acting as ISO 27001 lead auditor for UKAS accredited certification bodies and providing ISO 27001 internal audit, information security and data protection training.
Yeh, I’m an information security and ISO 27001 geek.
A natural interest in taking things apart and trying to make them better inspired me to follow a science-based approach to work. Early in my career I specialised in IT systems design and worked for major financial institutions implementing and supporting the latest resilient technology solutions before jumping into the world of Information Security in early 2001.
I have been an Information Security Officer for several organisations across different sectors and I maintain my status as a certified information systems security professional (CISSP). I have been implementing ISO 27001 with clients for the last 4 years as part of Orbit and I also keep my knowledge current by acting as a ISO 27001 lead auditor for a UKAS accredited certification body.
My philosophy for a successful ISO 27001 ISMS is to concentrate on the fundamentals and keep it simple. As an ISMS matures most organisations gain additional benefits as they understand the nuances and how to make it work for their organisation.
Starting my career in Information Security for a large multi-national IT Corporation led me to quickly understand the key benefits of ISO 27001. The flexibility this Standard offers across a spectrum of industries and companies of all sizes has become more and more apparent within my role as a Lead Auditor for UKAS accredited certification bodies. This role has offered me a wealth of experience and enabled cross-sectional learning of ISO 27001 audit requirements as well as different implementation approaches and methods.
As a result, I have started focusing my career on implementing ISO 27001 as a consultant, whilst continuing my role as Lead Auditor. This combination enables me to learn industry trends, best practices and things that do not work, which in turn provides a strong tool in ensuring successful ISO 27001 implementation projects as a Consultant – essentially avoiding the pitfalls.
It’s an area that excites me as it is so relevant to the world of work we all live in.