About

NoFuss Consulting is an independent consultancy specialising in risk and security governance. We help organisations build and operate management systems that enable due diligence through transparency and clarity.

Risk is a foundational concept in rational decision-making. When communicated clearly, it is the language leaders across domains need to effectively prioritise and allocate resources. Unfortunately, managing risk is often seen as an unnecessary overhead, done pro-forma to satisfy audit requirements.

Information security goes beyond securing the network. Information is among the most valuable assets organisations hold, yet security is still widely treated as a technical concern. When integrated with strategic decision-making, security governance aligns practices to objectives, enabling organisations to achieve their purpose.

Profile picture

Your consultant

LinkedIn

I’m Pece — founder and practitioner at NoFuss Consulting.

Driven by a strong interest in problem solving, I’ve spent 20+ years working across multiple IT fields, including software engineering and information security. Between my interest in understanding how things work and many years in leadership positions, I’ve been fortunate to strike a balance between deep technical knowledge and a broader business perspective. My work eventually gravitated toward security and risk management, as many technical and operational problems tend to have an organisational root cause. I value honesty, as well as open and clear communication.

PECB certificate badge
Issued by PECB
ISO/IEC 27001 Senior Lead Implementer
ISACA CISM badge
Issued by ISACA
Certified Information Security Manager® (CISM)
ISACA CRISC badge
Issued by ISACA
Certified in Risk and Information Systems Control™ (CRISC)

Our network

Icon representing partnership

We work with a small network of trusted specialists who complement our services and can engage when the scope extends beyond what we cover. These include lawyers focusing on EU privacy and data protection law, as well as IT architects, penetration testers, and security engineers experienced in cloud and application security.