About Us

Built by people who know risk management.

The team behind RiskRocket come from a long-standing background of information security and cybersecurity consultancy, alongside software development.

Andy

With 20 years in information security, I've helped organisations of every size from banks and healthcare providers to law firms and small software businesses build risk management systems that actually work.

I'm ISO 27001 Lead Auditor certified, and I've worked hands-on with most of the major frameworks out there, including PCI DSS, SOC 2, NIST 800-53, and Cyber Essentials. I've a 100% track record helping clients achieve first-time certification, on time and on budget.

I've sat on both sides of the table too, as an internal consultant and as a third-party certification auditor, which means I know what actually gets checked, not just what's written in the standard. That's the experience behind RiskRocket: a tool built by someone who's lived risk management, not just read about it.