About

Practitioner — strategy, risk, and the parts of compliance worth keeping.

I work in GRC, security, and data security. Day to day, I think about how strategy, risk management, and smart compliance meet the technology decisions teams actually have to make — and how to keep the program defensible without burying it in paperwork.

I'm increasingly interested in how AI changes both sides of that equation: the threat surface, and the way GRC programs themselves are built and run. This site is where I write about what works, ship small tools to test ideas, and keep notes worth re-reading.

Currently

Based in Copenhagen. _Replace this paragraph with what you're focused on right now — current role / engagement, projects in flight, what you're reading._

What I think about

  • GRC strategy and the parts of ISO 27001 / CIS18 that earn their keep
  • Risk management as a decision-support discipline, not a paperwork one
  • Data security — DLP and what's beyond it
  • How AI changes the GRC practitioner's day and the threat surface
  • CISO advisory for companies that don't have a full-time security leader

Contact

The fastest way to reach me is email: peter.trier@outlook.com. I read everything — especially happy to hear from people working on GRC, data security, or AI policy in the real world.

Elsewhere: LinkedIn ↗ · GitHub ↗ · CV (PDF) ↓