neviarrawlinson/README.md

👋 Hi, I’m Neviar Rawlinson

IT Governance Manager | GRC Engineer | Cloud Compliance Strategist

I turn complex governance challenges into clear, workable systems.

From change management to enterprise risk programs and audit readiness, I design governance frameworks that help teams stay secure, compliant, and able to move quickly with confidence. My work bridges engineering and leadership by translating standards like ISO 27001, ITIL, COBIT, and SOC 2 into practical workflows, controls, and reporting structures that teams actually use.

With a background in Computer Science and an MBA in IT Management, I focus on building governance that is structured, scalable, and calm under pressure.


🚀 Featured Projects

A structured governance model that formalizes how organizations evaluate, document, and approve risk acceptance decisions. Designed to improve transparency, executive visibility, and audit defensibility across enterprise environments.

A practical internal audit toolkit for evaluating security controls, identifying gaps, and strengthening compliance posture. Built to support governance teams preparing for SOC 2, ISO 27001, and other regulatory assessments.

These projects reflect my focus on building governance artifacts that mirror real-world enterprise environments.


🎙 Cyber Risk, Explained (Podcast)

I host Cyber Risk, Explained, a podcast where I break down cybersecurity, governance, and risk topics into practical insights for professionals and career changers.

🎧 Listen on Spotify:
Cyber Risk, Explained – Spotify


📰 Newsletter: Governance, Explained

I publish Governance, Explained, a LinkedIn newsletter focused on practical IT governance, GRC engineering, cybersecurity risk, and real-world implementation strategies.

🔔 Subscribe here:
Follow Governance, Explained on LinkedIn


✍🏽 Writing & Thought Leadership

I regularly publish content on governance, GRC careers, cybersecurity, and process design:

My writing focuses on practical implementation, not theory alone.


🧠 Core Focus Areas

  • IT Governance & Control Design
  • Enterprise Risk Management
  • Internal Audit & Compliance Readiness
  • Change Management & CAB Operations
  • SOC 2 & ISO 27001 Alignment
  • Cloud & SaaS Governance
  • GRC Career Enablement

🎓 Background

  • Bachelor’s in Computer Science
  • MBA in IT Management
  • Certified ScrumMaster (CSM)
  • Certified Scrum Product Owner (CSPO)
  • Deep interest in Information Security

🌟 Beyond Governance

  • ☕ Coffee enthusiast
  • 🎥 Anime fan
  • 🐾 Dog mom
  • 🎙 Podcast host
  • 📚 Lifelong learner

📫 Let’s Connect

If you’re building governance programs, navigating cybersecurity risk, or transitioning into GRC, I’d love to connect and collaborate.

Explore my projects, follow my writing, or reach out through any of the platforms above.

Pinned

  1. grc-tracker-pro (Public)

    Python 1 1

  2. risk-assessment-matrix (Public)

    Python 3

  3. change-management-tracker (Public)

    Python 1 1

  4. stakeholder-analysis-tool (Public)

    Python

  5. automated-status-report (Public)

    Python

  6. iso-27001-readiness (Public)

    Practical ISO 27001 Certification Preparation Guide | Risk Management | GRC Strategy

    1