Trusted Security Advisers Register

287 Information Security Professionals have joined TSAR already! ...And we're still growing fast!

Navigation through the listings is straightforward - simply scroll down and browse, or use the fixed menu on the right to filter by credential type, and then click on a Professional's name to see more information about him/her. If you have any comments or suggestions, please contact me.

Important: By accessing these listings, you agree that you have read and accepted my disclaimer.


Peter Flack, Independent

Peter has over 28 years practical IT security consultancy, risk assessment, security policy specification, implementation and audit (certified ISO/IEC 27001 ISMS Lead Auditor), security evaluation/audit and management experience. Peter has managed a variety of teams covering the entire development and project lifecycle.

Peter provided IT security consultancy for European Commission (EC) based systems in Brussels, including Security risk analysis and production/review of subsequent ADS/ISMS material, consistent with ISO/IEC 27000 family.

Peter also provided consultancy for the European Commission (EC) Joint Research Centre (JRC) for development of a risk assessment method, consistent with existing EC Security Policy and Standards, with reference to the ISO/IEC 27000 family material.

Amongst Peter's roles he has planned and documented ISO/IEC 27001 Information Security Management System (ISMS) material for 2012 Olympic services and BT's Capital Care Alliance Care Record Service, provided on behalf of the NHS as part of the National Programme for IT - the UK's single largest secure development programme.

Previously, Peter was the Programme Manager of Datacard Platform Seven's Secure Products Group. As well as managing the teams that developed the security critical financial systems, Peter provided the guidance and technical expertise for security evaluation (Common Criteria EAL4+ and the first ever ITSEC E6 evaluation, equivalent to EAL7).

Peter also has provided consultancy on a large IT project for the RAF (£300M+). Peter authored security policy and the associated documentation set.

Peter has provided Common Criteria consultancy to customers of the BT CLEF, being a Qualified CLEF Evaluator, performing evaluations under both the Common Criteria and UK ITSEC Scheme. This work involved specification of security functional and assurance requirements for information systems/products, or audit and evaluation of information systems/products claims against the Common Criteria (ISO/IEC 15408) requirements.

Peter has been a member of the CESG Listed Advisor Scheme (CLAS) until October 2015. CLAS consultants were approved by CESG to provide Information Assurance advice on systems processing protectively marked information up to, and including, SECRET.

Specialties: IT Security Risk Assessment, ISO/IEC 2700 Family, Risk Analysis, Security Policy Specification, Implementation and Audit, Common Criteria (ISO/IEC 15408), EC Security Policy (C(2006)3602, 2001/844/EC, Reg No 45/2001, supporting 3602 security standards and guidance documentation).

Based in St Albans, able to travel to clients across the UK. Has worked regularly in London and elsewhere in the UK. Has also worked in Brussels and Italy, as well as via remote working.
Security clearance(s) held.
CLAS [CESG] from 2006-10-01 to 2015-09-30 (Expired)
CCP [IISP] Security & Information Risk Advisor Practitioner from 2012-10-12 to 2015-10-12 (Expired)
ACIIS [IISP] Associate Member of CIISec from 2009-04-01 to 2016-03-31 (Expired)