I am a Management Systems leader with extensive experience implementing a wide range of Management Systems—including Quality, Information Security, AI, Automotive, Document, and Learning—across multiple industries. Over the course of my career, I have frequently integrated and harmonized overlapping management systems, ensuring they work together efficiently while meeting business objectives and regulatory requirements.
With years of hands-on experience, I can “translate” regulatory and compliance requirements across diverse sectors—from life sciences (GLP, GCP, GMP, GDP, GPvP) to information security (ISO 27001, NIST 800-53), to automotive (IATF 16949), and beyond to teams that are not versed in such. I also specialize in the emerging field of AI Management Systems (AIMS), applying frameworks such as ISO/IEC 42001 and global AI regulatory guidance to ensure trustworthy, ethical, and compliant use of AI within regulated industries.
My mission is to lead companies—regardless of industry—through Quality, Security, and Digital transformations using a pragmatic “keep it simple” methodology. I believe management systems should be tailored to company size, resources, and capabilities, while always protecting customer trust, product/service quality, and data integrity.
Effective management systems don’t need to be complex—they need to be practical, scalable, and resilient. This applies equally to traditional compliance domains and the safe, compliant integration of AI.
Areas of Expertise
Electronic Systems
Veeva Quality Suite
Master Control
Compliance Wire
TrackWise
Documentum
Atlassian Confluence and JIRA
Tenable W.A.S
SafeBase (Trust Centers)
SumoLogic SIEM
TrendMicro
Apple Business Essentials
Wizer
OLLAMA
V0
Replit / Claude
Quality Management
Document Management
Exception Management (QE/CAPA) & RCA
Change Controls
GxP Training
GxP Vendor Management
GxP Auditing (Internal/External)
Product Complaints
Risk Assessments / Management
Batch Record Review
Literature Review Processes
Information Security + Privacy
Enterprise Governance, Risk and Compliance (GRC)
ISMS Implementation / Support / Guidance
ISMS Change and Risk Management / Assessment
ISMS Document Management, Training, Auditing, Gap Assessments
SOC 2 Type II Compliance and Support
Vulnerability Tracking and Management
Ai
AI Management System Implementation / Support / Guidance
EU AI Act
Ollama Installation and LLM Configuration
Systems Implementation, Validation and Security
System implementation (e.g. Veeva, MasterControl), testing and Go Live activities of Quality Systems including project management, “right-sizing” configuration, migration, roll out, administration and training activities.
Software Development Life Cycles including development and documentation of:
Agile / Waterfall Development
URS/FRS
Configuration Specifications
Traceability Matrices
Validation Protocols, IQ/OQ/PQ, and Summary Reports
Amazon Web Services
Security Controls (ISO 27001, GDPR, Penetration/Vulnerability Testing)
GxP Modalities
GLP
GCP
GMP
GPvP
Regulations/Standards
21 CFR parts 11, 210, 211, 314, 803 and 820
FDA CSA + CSV
EMA Annex 11
ERES (JP)
HIPAA - 45 CFR part 160/164
ICH Q7, Q9 and Q10
EU Ai Act
GAMP 5 (Compliance and Testing)
ISO
9001:2015
13485:2016
19011:2018
27001:2022
42001:2023
90003:2018
NIST 100-1 (Ai RMF 1.0)
NIST 800-53 (SOC2 Type II) + HIPAA
VPAT
Awards
Panels and Publications
Panelist: Veeva Quality Summit 2018:
5 June 2018 (note - original website has since been removed, link is to historical web page via Internet Archive)
Topic: “Technology Considerations and Recommendations Before Embarking on a Quality Transformation Project”
Whitepaper: “Quality Management and Validation in Pharmacovigilance Software”:
March 2018
April 2018
Note - Original Whitepaper drafted was adapted by Tessa Heffernan and submitted for publication.