A multi-tenant SaaS that runs AI and ML governance audits end to end: scoping, control assessment across eight frameworks, findings, and remediation, backed by a tamper-evident audit trail.
- AI Governance
- NIST AI RMF
- ISO 42001
- GRC
- SaaS
Projects
Work that shows what I do.
A mix of compliance artifacts, audit tooling, and engineering work that intersects with risk and controls.
An AI-assisted IT audit and compliance workpaper platform that runs the full audit lifecycle across SOX ITGC, NIST 800-53, ISO 27001, PCI DSS, and NIST CSF 2.0, with audit defensibility enforced at the database layer.
- IT Audit
- SOX ITGC
- NIST CSF
- Workpapers
- Next.js
An open-source tool that maps NIST SP 800-53 controls across overlays and baselines, links each control to its source paragraphs, and visualizes coverage against CSF 2.0.
- NIST 800-53
- OSCAL
- Compliance
- Tooling
A web app for IT auditors and GRC teams to build and manage risk registers: a guided assessment wizard, a 5x5 inherent and residual matrix, NIST CSF, ISO 27001 and SOX ITGC templates, and PDF and Excel export.
- Risk Management
- GRC
- NIST CSF
- ISO 27001
- React
A Python toolkit that automates the repetitive parts of a security audit: port and service scanning, outdated-software and misconfiguration detection, password-policy checks, log analysis, and network mapping, producing structured, workpaper-ready findings.
- Python
- Security Audit
- Vulnerability Assessment
- Automation
- ITGC
An interactive tool that turns phishing risk into a dollar figure: it scores exposure, projects three-year ROI on security awareness training, and exports a presentation-ready business case for CISOs and security leaders defending a budget.
- Security Awareness
- Risk Quantification
- ROI
- React
- CISO