I am a senior research engineer at the IT Innovation Centre, part of the school of Electronics and Computer Science at the University of Southampton, UK. I received my PhD in Computer Science (Artificial Intelligence) from the University of Greenwich in 1997 and have published over 40 academic papers.
The core theme of my research is computational assistance for governance and regulation, and its current focus is computational governance & risk evaluation applied to governance. I am investigating how to represent regulatory compliance requirements as threats, so as to provide decision support for practitioners, where compliance requirements are recognised, actions are recommended to enable compliance, and an audit trial to demonstrate compliance is recorded. Current domains include the EC GDPR concerning data protection and ISO 27001 concerning IT security. This work is in a wider context of risk evaluation that is the focus of a team within IT Innovation, which has led to the development of an IT system security modelling toolkit that has been developed over seven years and provides a platform for research.