Management team

Alan Calder, Founder and Executive Chairman

Alan Calder is an acknowledged international cyber security guru and a leading author on information security and IT governance issues.

Alan co-wrote (with Steve Watkins) the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its sixth edition), which is the basis for the UK Open University’s postgraduate course on information security. This work draws on his experience leading the world’s first successful implementation of BS 7799 (now ISO 27001).

Alan has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He also teaches the IT Governance: Foundations and Principles course (also accredited by IBITGQ).

Alan has consulted for clients in the UK and abroad, and is a regular media commentator and speaker.

Steve Watkins, Director

Steve is an authority on information security management and ISO 27001 implementation, and is co-author (with Alan Calder) of the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its sixth edition).

He is Chair of the ISO/IEC 27001 User Group – the UK Chapter of the ISMS International User Group – and is an ISMS Technical Assessor for UKAS, advising on its assessments of certification bodies offering accredited certification. Steve sits on the IST/33 committee responsible for the UK’s contributions to the revisions of the ISO 27000 series of standards and on RM/1, the committee responsible for BS 31100 – the British standard for risk management – and for the UK’s contributions to ISO 31000.

Neil Acworth, CIO

Neil is IT Governance’s chief information officer and leads our IT team. He looks after IT Governance’s software development business, which provides internal solutions and enterprise software products. He also oversees the management of information security risk at IT Governance and ensures that we maintain compliance with the PCI DSS, ISO 27001 and ISO 9001.

Neil is responsible for improving business productivity through automation, integration and better use of software, and for managing our infrastructure and helpdesk function. He holds a BEng and MSc, as well as TOGAF certification.

Chris Hanwell, Head of Global Sales and Support

Chris manages our multi-channel e-commerce operations and international sales. He previously managed our training and operations departments, accruing a wealth of knowledge across diverse working environments. Chris understands that no two organisations are identical, each having different drivers, internal skill levels and appetites, so he aims to help our customers identify the best-fit solutions for all their governance, risk and compliance requirements.

Following an undergraduate degree in business management with the University of Nottingham, Chris worked with Siemens Communications in their operations division, and at Anglia Ruskin University Cambridge on postgraduate programme accreditation. He has also spent a great deal of time working in various roles relating to the ISO 27001 information security standard, delivering consultancy, auditing and training, and helping to develop risk assessment software.

Tony Drewitt, Head of Consultancy

Tony leads our consultancy team. He works with clients to help them implement and comply with international standards such as ISO 27001 and ISO 22301. He is author of the books A manager’s Guide to ISO22301, ISO22301: A Pocket Guide and Everything You Want to Know About Business Continuity.

Tony was one of the first BCM consultants to support a client in achieving registration under BS 25999-2, the former business continuity management standard (now ISO 22301). He is a member of the Business Continuity Institute (MBCI) and delivers the IT Governance ISO 22301 Lead Auditor course.