About TRUSTYCYBER

Assurance experience, applied through a better process.

TRUSTYCYBER combines cyber security leadership, management system assurance, government security assessment, responsible AI and GRC technology.

AR

Founder and professional lead

Andrew Robinson

More than two decades across cyber security, governance, risk, compliance and management system assurance.

ISO/IEC 27001 Lead Auditor
ISO/IEC 42001 Lead Auditor
JASANZ Technical Expert & Assessor
ASD IRAP Assessor

Experience

Built across assurance, leadership and technology.

Security leadership

Decisions in context.

Experience with the constraints and trade-offs organisations face in practice.

Management systems

Criteria and evidence.

Assessment against defined criteria, evidence expectations and professional review.

Government assurance

Regulated environments.

Experience with Australian Government security expectations and assessment environments.

GRC technology

Structured workflows.

Designing systems that structure evidence, requirements, findings and review.

Practice principles

Five rules shape every engagement.

01

Review before meetings

Understand what already exists before asking people to explain it.

02

Asynchronous by default

Let the right people provide evidence and clarification without an unnecessary meeting programme.

03

Technology assists

Use technology to organise evidence, identify gaps and prepare preliminary analysis.

04

People decide

Qualified auditors remain responsible for evidence sufficiency, findings and final reports.

05

Traceability matters

Findings should be linked to the criteria, evidence and reasoning that support them.

Independence

Objectivity is checked before work begins.

Conflicts, previous involvement and the proposed scope are considered before an engagement is accepted. Work is not represented as independent where objectivity cannot be maintained.

Confidentiality

Evidence handling is designed in.

Evidence is held in controlled environments and retained only for the agreed engagement period.

Want independent, evidence-led assurance?

Start with the service, scope and timing. No evidence is requested at this stage.

Check your fit →