The photographer is on his way
ISO27005 Risk Manager – Praxis42 GDPR and Data Protection + Data and Personal Information Security – Prince 2
ISMS, Risk Management and strong project management
Effective information security is created when requirements, risk understanding and business are linked together in practical Solutions. I work with end-to-end value creation and help organizations translate regulatory requirements and standards into manageable and value-creating initiatives.
With experience from both internal roles and external consulting, I have a holistic view of how information security is implemented and embedded in the organization. I have a particular focus on IT project management, where I drive security initiatives from analysis and design to implementation and compliance – often in complex environments with many stakeholders.
Among other things, I work with NIS 2 compliance, ensuring compliance with the requirements and supporting organizations in integrating NIS 2 into their existing governance and security structure. With experience from the energy industry, I also advise on information security legislation, including the Act on Enhanced Preparedness in the Energy Sector, where robustness, risk management and preparedness are central focal points.
I have solid experience with implementing the ISO 2700X standards, including establishing and further developing ISMS according to ISO standards, and working structured with Governance, Risk & Compliance (GRC). As an ISO 27005 certified, I have a strong focus on risk management as a foundation for both decision-making and prioritizing security measures.
My goal is for information security to become an integrated part of the organization's way of working – managed through clear processes, management commitment and effective project management, so that security becomes a strength rather than a burden.