Diese Website verwendet Cookies. Sehen Sie unsere Cookie-Richtlinie

Management team


Alan Calder, Founder and Executive Chairman

Alan Calder is an acknowledged international cyber security guru and a leading author on information security and IT governance issues.

Alan co-wrote (with Steve Watkins) the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its sixth edition), which is the basis for the UK Open University’s postgraduate course on information security. This work draws on his experience leading the world’s first successful implementation of BS 7799 (now ISO 27001).

Alan has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He also teaches the IT Governance: Foundations and Principles course (also accredited by IBITGQ).

Alan has consulted for clients in the UK and abroad, and is a regular media commentator and speaker.



Steve Watkins, Director

Steve is an authority on information security management and ISO 27001 implementation, and is co-author (with Alan Calder) of the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its sixth edition).

He is Chair of the ISO/IEC 27001 User Group – the UK Chapter of the ISMS International User Group – and is an ISMS Technical Assessor for UKAS, advising on its assessments of certification bodies offering accredited certification. Steve sits on the IST/33 committee responsible for the UK’s contributions to the revisions of the ISO 27000 series of standards and on RM/1, the committee responsible for BS 31100 – the British standard for risk management – and for the UK’s contributions to ISO 31000.



Neil Acworth, CIO

Neil is IT Governance’s chief information officer and leads our IT team. He looks after IT Governance’s software development business, which provides internal solutions and enterprise software products. He also oversees the management of information security risk at IT Governance and ensures that we maintain compliance with the PCI DSS, ISO 27001 and ISO 9001.

Neil is responsible for improving business productivity through automation, integration and better use of software, and for managing our infrastructure and helpdesk function. He holds a BEng and MSc, as well as TOGAF certification.



Chris Hanwell, Head of Global Sales and Support

Chris manages our multi-channel e-commerce operations and international sales. He previously managed our training and operations departments, accruing a wealth of knowledge across diverse working environments. Chris understands that no two organisations are identical, each having different drivers, internal skill levels and appetites, so he aims to help our customers identify the best-fit solutions for all their governance, risk and compliance requirements.

Following an undergraduate degree in business management with the University of Nottingham, Chris worked with Siemens Communications in their operations division, and at Anglia Ruskin University Cambridge on postgraduate programme accreditation. He has also spent a great deal of time working in various roles relating to the ISO 27001 information security standard, delivering consultancy, auditing and training, and helping to develop risk assessment software.



Tony Drewitt, MBCI; Managing Director at IT Governance

Tony Drewitt has been an operational risk and business continuity management practitioner since 2001, delivering risk management and BCM systems for a wide range of organisations in the private, public and voluntary sectors.

He was one of the first BCM consultants to support a client in achieving registration under BS25999-2, the former business continuity management standard. Tony has also written two books on this standard and delivered the IT Governance BS25999 Masterclass and Foundation courses, helping a wide variety of organisations to understand the standard and develop BCM systems that meet its requirements.

More recently, Tony has worked on developing BCM systems designed to meet the requirements of the new international standard for business continuity management - ISO22301. He is the author of the books: A manager’s Guide to ISO22301, ISO22301: A Pocket Guide and Everything You Want to Know About Business Continuity.

Tony is a member of the Business Continuity Institute (MBCI) and has acted as the technical expert on BS25999 for a UKAS accredited certification body.