Andrew is a distinguished consultant with almost three decades of experience in governance, risk and compliance. His background includes pivotal roles such as Head of ICT at a large health trust in Northern Ireland and information security manager for a specialist telehealth supplier. An active member of ISACA®, Andrew’s expertise spans information security, business continuity and risk. His qualifications include an MSc in information systems management, CISM and CRISC, and qualifications in audit and business continuity.
As IT Governance global lead on DORA, Andrew has been guiding investment firms, financial institutions and insurance companies to navigate the requirements of DORA over the last twelve months. He is the author of DORA – A Guide to the EU Digital Operational Resilience Act. He is also the organisation’s subject matter expert on ISO 27001, ISO 22301, the NIST cybersecurity framework (CSF), and both NIS and NIS 2 Directives.