Meet The Team
Asaduz Zaman
Head Consultant and Lead Auditor for the following Standards: ISO 27001, ISO 22301, ISO 20000-1 and ISO 9001
Asaduz is Head Consultant and Responsible Person at GRC Audits and is an experienced Governance, Risk and Audit Professional, with over 10 years of Third-Party Certification Body experience. He has been delivering and leading teams for clients ranging from small to medium businesses to complex multinational corporations, across the globe. His specialisms include; ISO 27001, ISO 27017, ISO 27701, ISO 27018, ISO 9001, ISO 22301, ISO 20000-1, CSA Star CCM V3.0.1, tScheme (Registration Authorities and Public Key Infrastructure), and in the past, industry sector-specific regulations such as ND1643 and CPAS Standard 55.
Asaduz has a strong background in IT and Network Security, as well as Legal and Regulatory Compliance. His sector knowledge includes IT, Finance, Education, Utilities, Healthcare, Government (including, Cabinet Office IT Departments, Home Office Law and Order Agencies), Ministry of Justice, and Telecoms.
Graham Brookman
Lead auditor for the following standards: ISO 27001 and ISO 22301.
Graham is a highly competent and experienced professional, delivering business assurance services primarily to the information services sector. Initiating his career in IT programming and support has given Graham a strong background in information security, business continuity and IT support and good knowledge of the Information Services industry in general.
Graham has extensive international experience, with organisations of casting sizes with a global reach, which has involved international travel carrying out assessments over four continents for a five-year period.
Phillip Willoughby
Independent Management Consultant
Phil has over 35 years working experience in industry, specialising in audit and compliance. Phil’s strengths lie in the effective application and governance of information security and other management systems.
His experience has been acquired largely in the private sector, but has also worked in the public sector as a consultant and in an auditing/assurance role. This includes both in large multinational companies and small businesses, primarily in the IT sector, interacting with people in both managerial and technical positions.
Phil performs assessments of company management systems against the requirements of ISO 9001, ISO 27001, ISO 20000-1, ISO 22301 and in the past a number of industry sector specific regulations such as CAS(T) and CAS(S) and TickITplus.
Divya Morjaria
Lead auditor for the following standards: ISO 27001, ISO 22301, ISO 9001
Divya is an experienced information security and compliance professional, with over 8 years of experience in carrying out independent audits for UKAS Accredited Certification Bodies. Divya has highly developed research, analysis and communication skills and now provides consultation and support to businesses of all sizes in the implementation of new information security management systems. Sector experience ranges from Healthcare, IT, Travel industries and Creative Markets. Divya has a good of understanding of legal aspects, having worked as a Paralegal earlier in her career.
Dilraj Sagoo
Lead auditor for the following standards: ISO 27001, ISO 22301, ISO 27701 and ISO 9001.
Dilraj is a highly experienced professional, with overs18 years of experience delivering third party certification audits across the globe to International blue-chip companies. His earlier career includes being Head of Compliance for a major IT organisation developing patient administration systems for the National Health Service, and Quality/Security lead for products being developed to maintain HR and Payroll services for NHS England and Scotland. He currently provides audit, risk and consultancy services to the IT Industry in general and supports pharmaceutical organisations and medical practices regulated by the MHRA.
