By day I work in information security — risk management, governance and compliance. The rest of the time I build things that make that work easier, and keep a growing library of everything worth keeping. This site is both.
Open the resource library Read the blog
Skills, prompts and small automations that make security work easier — starting with risk assessment.
Checklists, document inventories, control mappings, responsibility matrices and evidence examples.
Information security in a regulated world — risk, governance and compliance. More on the about page.
Finished artefacts, end to end — see what good looks like before you build your own.
New resources and notes as they land — a concept, a short post, and a video explaining it.