Andrew Pattison is the head of GRC consultancy at IT Governance Europe. He has been working in information security, risk management and business continuity since the mid-1990s, helping large international organisations across many sectors. Andrew is a certified auditor, as well as holding CISM(R) and CRISC(R) certifications. He has provided extensive training in multiple GRC fields and is an approved APMG trainer.