Why This Site Exists

This isn’t a consulting sales page. It’s a space to think out loud about the work I do, implementing standards, navigating compliance frameworks, and trying to understand the human systems that make (or break) ISO certifications.

What You’ll Find Here

I write about ISO 9001, ISO 14001, ISO 45001. What I’m passionate about is ISO 27001 and ISO 42001 (AI management systems), cybersecurity governance, and the practical realities of implementing frameworks in actual organizations. Less theory, more “here’s what I learned when this didn’t go as planned.”

My Background

I’ve worked as an ISMS Scheme Manager at TÜV NORD, delivered agile IT solutions at Raiffeisen Bank International, and spent time across various compliance roles in the EMEA region. I’ve achieved zero nonconformities implementing ISO/IEC 27006:2024, built audit time calculation tools, and mentored new auditors in cybersecurity and ISO implementation.

But credentials only tell you so much. What interests me more is the gap between “what the standard says” and “how it actually works”. That’s what I’ll be exploring here.

Why Knowledge Sharing?

Because standards aren’t just about certification. They’re about building systems that work. And the best way to understand them is to question them, discuss them, and learn from others who are doing the same work.

If you’re working in compliance, cybersecurity, or AI governance or just curious about how these worlds intersect. Let’s figure this out together.