Andrew Pattison is the head of GRC consultancy at IT Governance Europe. He has been working in information security, risk management, and business continuity since the mid-1990s, helping large international organizations across many sectors. Andrew is a certified auditor, as well as holding CISM® and CRISC® certifications. He has provided extensive training in multiple GRC fields and is an approved APMG trainer.