Writing

Occasional notes on work, systems, and delivery.

This section is used sparingly. When I write here, it’s to capture lessons from real work: how systems behave under pressure, where governance helps or hinders, and what makes delivery reliable in complex environments.

There is no fixed publishing schedule. When something is worth writing down clearly, it appears here.

Insights

Digital Sovereignty is Now an Operational Resilience Problem

Why cloud concentration, cyber stability and hidden infrastructure dependencies are turning digital sovereignty into a practical resilience issue for modern financial services.

Shadow AI, Silent Pipelines, and the Future of IT Audit

Why AI driven cloud pipelines are creating compliance debt and how IT audit must evolve from periodic testing to continuous assurance.

AI Will Not Be Waiting for Audit to Catch Up

AI adoption is outpacing assurance. Why literacy first governance is the only realistic way to keep control environments credible.

Opinion: Control Management, IT Maturity and the Reality Behind Modern Governance

Why modern control management demands global IT maturity leadership, automated control expertise, and executive level reporting credibility.

Tech & Cyber Risk on the Board Agenda: Navigating AI, Cyber, and Enterprise Risk in 2026

As cyber risk and AI converge, boards must elevate technology risk governance to support resilience and strategic decision-making.

Technology Risk in Financial Services: Why Business Risk Managers Must Sit Inside the Machine

In financial services and fintech, technology risk directly shapes customer outcomes, regulatory exposure, and operational resilience.

IT Complexity Is the Real Control Risk: Why Audit and ITGC Models Must Change

IT complexity isn’t just an operational challenge—it’s now one of the biggest drivers of control and audit failure.

SOX in the Cloud: Why Traditional ITGC Models Are No Longer Fit for Purpose

Cloud adoption has quietly broken many traditional SOX ITGC models.