← All Projects

Security & Assurance Frameworks

Live

Structured approaches to remediation and risk

Role Framework Developer
Timeline 2023-Present
Microsoft 365Power BIExcelDocumentation

What This Is

When things go wrong in IT - security incidents, failed audits, compliance gaps - you need a structured way to fix them. Not just fixing the immediate problem, but demonstrating that you’ve fixed it properly and it won’t happen again.

This work involves building frameworks for:

  • Security Remediation - Tracking and resolving security findings from audits and assessments
  • Go-Live Assurance - Structured checklists and sign-offs before major changes or launches
  • Risk Tracking - Documenting risks, mitigations, and residual risk acceptance
  • Evidence Collection - Gathering and organising proof of compliance for auditors

Why It Matters

Nobody enjoys this work. It’s not exciting. But it’s essential when:

  • External auditors need evidence of controls
  • Insurance requires proof of security measures
  • Regulators have questions
  • Leadership needs confidence that systems are safe
  • You need to prove to yourself that everything is actually sorted

The Approach

Good frameworks are:

  • Specific enough to be useful, not generic checklists
  • Trackable - you can see progress and status at a glance
  • Auditable - evidence is attached, not just claims
  • Sustainable - people actually use them, not just at audit time

The Output

This usually materialises as:

  • Remediation trackers with owners, deadlines, and status
  • Power BI dashboards showing security posture over time
  • Go-live checklists for different types of changes
  • Documentation templates that people will actually fill in