Information Governance Director
Des has been working in the Information Risk Management industry for over 20 years. His background and skillset ranges from the technical to the non-technical through forensics and pen-testing to risk assessment and corporate governance. This allows him to interface between the technologists and the business to facilitate effective communication and understanding between them; achieving compliance in line with business goals.
Previous experience encompasses compliance programmes for HMG and FTSE 100 companies relating to the majority of legislation and regulation; including the PSN Codes of Practice, IA Maturity Model, Security Policy Framework, Hannigan Review, Data Protection Act 1998, FSA guidelines, Payment Card Data Industry Data Security Standard (PCI-DSS) and the ISO 27000 series of standards and guidelines.
Des’s goals are to build on his wide-ranging experience across different vertical industry sectors to drive a common understanding; where the benefits from effective information risk management can be understood, measured and valued.
More recently, Des has been engaged as the Head of Framework Development within the Common Assurance Maturity Model programme on a voluntary basis; which has entailed the creation of the operating model for the framework itself, and the creation and management of subject matter expert teams to ensure the delivery of the controls for the framework to the review teams within the programme.
Des has a distinction pass in the MSc in IT security from the University of Westminster, where he has also been a visiting lecturer. As well as being a former member of the CESG Listed Adviser Scheme (CLAS) he has also lectured at the University of Bath, has presented on Internet Security Threats to the Whitehats Information Security interest group and on Changing the business perception of Security to the 2007 Gartner Security Summit, the BCS, the Whitehats group and the Information Security Forum.
Message for Des Ward
Posts by Des
The European Union (EU) General Data Protection Regulation (GDPR) is entering the end of its two-year implementation period, and guidance on specific areas is still being published.
The latest development in the Cloud strategy was announced by the Government Digital Service confirming a move from ‘Cloud First’ to ‘Cloud Native’.
This white paper by The Common Framework, provides a briefing for public sector executives on how to respond to the changing policy environment.