Nick Woodley
CISSP, CCSP, ACIIS AND ISO Auditor
Oakham, United Kingdom
Actions
Nick Woodley is an ISO 42001 Lead Auditor with over 25 years of enterprise technology experience, uniquely positioned to bridge the gap between AI innovation and governance requirements. As a Microsoft Certified Trainer and Cybersecurity Architect Expert, Nick combines deep Microsoft platform knowledge with practical AI governance implementation experience.
Relevant Credentials:
ISO 42001 Lead Auditor (AI Management Systems)
Microsoft Cybersecurity Architect Expert
Azure Solutions Architect Expert
CISSP & CCSP (ISC2)
Chartered Institute of Information Security (CIISec) Associate Member
Current AI Governance Experience:
As Cyber Security and Power Platform Principal at Ascent, Nick has developed AI compliance offerings incorporating DORA and NIST frameworks for European financial institutions. His recent work includes conducting AI risk assessments for global engineering companies and implementing AI governance frameworks that strike a balance between innovation and regulatory compliance.
Practical Audit Insight:
Nick's experience as an active ISO 42001 Lead Auditor provides unique insights into what actually works during audits, as opposed to theoretical compliance. His background spanning regulated industries (banking, government, insurance) gives him a practical understanding of how AI governance requirements vary across different regulatory environments and organisational contexts.
As an ISC2 East Midlands Chapter Officer, Nick actively contributes to the cybersecurity community's understanding of emerging AI security and governance challenges, making him well-positioned to share practical, implementable strategies with conference attendees.
Links
Area of Expertise
Topics
From Chaos to Control: Mastering Microsoft Enterprise Identity in Hybrid Environments
Organizations struggle with identity sprawl, security gaps, and compliance challenges when managing users across hybrid environments. Poor identity governance leads to security breaches, failed audits, and frustrated users. These critical pain points demand proven strategies for creating a unified, secure, and compliant identity infrastructure.
This session provides a comprehensive roadmap for implementing robust Microsoft-based enterprise identity solutions that seamlessly bridge on-premises and cloud environments. We'll explore Azure AD (Entra ID) hybrid scenarios, automated user provisioning strategies, and governance frameworks that ensure compliance while maintaining user productivity.
Through real-world scenarios and practical demonstrations, attendees will learn to design hybrid identity architectures using Azure AD Connect and Azure AD Connect Cloud Sync, implement automated provisioning workflows with SCIM and custom connectors, and establish governance policies using access reviews, privileged identity management, and lifecycle workflows. The session includes troubleshooting common hybrid identity challenges, performance optimization techniques, and building effective compliance reporting and monitoring strategies.
This session is ideal for IT professionals, identity architects, security administrators, and anyone responsible for managing enterprise identity infrastructure. Attendees should have basic familiarity with Active Directory and Azure concepts, but specific hybrid identity experience is not required.
Key Takeaways - By the end of this session, attendees will have:
A clear understanding of hybrid identity architecture best practices
Practical knowledge of provisioning automation techniques
Governance strategies that balance security with user experience
Troubleshooting skills for common hybrid scenarios
A roadmap for implementing these solutions in their own environments
AI Governance Reality Check: ISO 42001 Implementation Strategies for AI Solutions
With the EU AI Act entering force and creating mandatory compliance requirements for high-risk AI systems, European organizations urgently need robust AI governance frameworks. Without proper AI management systems, companies risk significant fines (up to 7% of global turnover), compliance failures, and operational incidents. While ISO 42001 provides the international framework that aligns with EU AI Act requirements, most organizations struggle with practical implementation, especially in Microsoft ecosystems where AI capabilities are rapidly expanding.
This session provides a practical roadmap for implementing ISO 42001 AI Management Systems within Microsoft environments, covering Azure AI services, Copilot deployments, and custom AI solutions. Led by an ISO 42001 Lead Auditor, you'll learn how to establish governance frameworks that satisfy regulatory requirements while enabling AI innovation.
Through real-world audit experiences and practical implementation guidance, attendees will discover how to map ISO 42001 requirements to Microsoft AI services, align AI management systems with EU AI Act compliance obligations, and implement effective risk management processes for high-risk AI systems. The session covers establishing data governance for AI pipelines, creating audit trails that satisfy EU regulatory requirements, and building continuous monitoring and improvement processes. You'll gain practical insights from actual ISO 42001 audits and EU AI Act gap analyses, along with actionable templates and frameworks.
This session targets IT leaders, compliance officers, AI project managers, and security professionals responsible for AI governance. Basic familiarity with AI concepts and Microsoft AI services is helpful, but specific ISO 42001 knowledge is not required - we'll build that foundation together.
Key Takeaways - By the end of this session, attendees will have:
Clear understanding of ISO 42001 requirements and EU AI Act alignment for Microsoft AI solutions
Practical implementation templates and checklists for AI governance compliance
Risk assessment frameworks tailored to common Microsoft AI scenarios and EU high-risk classifications
Documentation strategies that satisfy ISO 42001 auditors and EU AI Act requirements
Action plan for implementing compliant AI management systems in their organization
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top