Steve Watkins is a director at IT Governance. As well as being a member of ISO/IEC JTC 1/SC 27, the international technical committee responsible for the ISO 27000 family of standards, he holds a number of high-profile roles in the world of cyber security standards and certification, including chair of the UK ISO 27001 User Group and technical assessor for UKAS: conducting assessments of certification bodies offering ISMS/ISO 27001 and ITSMS/ISO 20000-1 accredited certification. He also undertakes information security assessments of forensic science laboratories seeking accreditation to the Forensic Science Regulator’s Code of Practice and Conduct, and is chair of the UK National Standards Body’s technical committee IST/33 (Information technology – Security techniques) that mirrors SC 27.
Steve is also involved with the UK standards technical committees RM/1 (risk management) and RM/1/-/3 (responsible for BS 31111, providing guidance for boards and senior management on cyber risk and resilience), IST/060/02 (IT service management) and IDT/001/0-/04 (data protection).
Steve is co-author (with Alan Calder) of the definitive compliance guide, IT Governance: An International Guide to Data Security and ISO27001/ISO27002 (now in its seventh edition), in addition to other publications.