Hi everyone, I'm thrilled to share a bit about my professional journey and how it has evolved over the years. My foundation is a Master's Degree in Law, with a major in Information Security – specifically, applicable law for internet services security back in 1998. At the time, my choice of specialization was seen as unconventional—some even called it a bit crazy. But looking at where we are today in the digital and AI-driven world, it turned out to be incredibly foresighted!
I’m proud to be the first qualified ISO 42001 trainer for both North and South America, helping organizations lead the way in responsible AI implementation. As an ICT Technical Manager, I don’t just audit—I recruit, mentor, and train ISO auditors and trainers, ensuring they’re ready to tackle the challenges of today's dynamic digital and regulatory landscape.
My expertise spans far beyond one standard. I’m a Certified ISO 27001:2022 Lead Auditor, Implementor, and Consultant, specializing in integrated management systems (IMS). I help companies streamline multiple ISO standards into one cohesive system, covering everything from quality and safety to information security and privacy.
Some key certifications and specialties include:
- TISAX Level 3 Certified Lead Auditor
- ISO 27001:2022 and the full ISO 27000 Series
- ISO 27701 Data Privacy, ISO 27017 & 27018 Cloud Security, ISO 29100 Privacy Framework
- ISO 20000 IT Service Management, ISO 22301 Business Continuity
- GDPR, TISAX, SOC 2, and SOX 404 compliance
- ISO 9001 Quality, ISO 14001 Environmental, and ISO 45001 Safety
What makes my work unique? I have the practical experience and system thinking to implement or audit all these standards under one integrated system. With over 20 years in compliance and more than 15 years in auditing, I expand my scope every year to stay ahead.
I’m also a passionate public speaker and trainer, having delivered sessions at Black Hat AI Summit, RVA Tech Conference, internal audit symposiums, and international security and compliance events. I’ve spoken on topics like AI & security, Agentic AI risk evaluation processes, and aligning enterprise governance with evolving tech realities.
Teaching is one of my favorite roles—I love breaking down complex topics like DFMEA, PFMEA, and risk assessment in engineering and software development. Whether in a classroom, at a boardroom table, or on a global stage, I strive to make the complex both practical and empowering.
Outside of work, I live what I teach—sustainability, systems thinking, and optimization. I run a small off-grid farm that I like to call our very own Factory 4.0 in action. We care for 40 chickens, 7 ducks, a pair of geese, a few goats, and more than 4 barn cats (I stopped counting!). Every corner of the farm is a data opportunity—from egg production patterns and seasonal behavior changes to optimizing feed ratios and predator-proof shelter designs.
It’s not just a lifestyle—it’s a living laboratory where I apply the same ISO principles I use in enterprise systems: risk-based thinking, preventive action, continuous improvement, and smart use of data. Whether it’s automating temperature tracking in brooders or logging goat health data, our farm is a hands-on experiment in resilient, self-regulating, sustainable systems—and this is only the beginning.
I’m passionate about building, testing, and optimizing systems—whether it’s in a global enterprise with 10,000+ employees or in a backyard homestead. Both require structure, creativity, and a relentless curiosity about how things work and how they can work better.
What started as an unusual academic path has grown into a mission: empowering people and organizations to confidently navigate the intersection of AI, compliance, and security. Let’s connect—I'd love to see how we can collaborate!
