Paolo Sferlazza

Advisor, Auditor and Trainer

Advisor, auditor and trainer in the fields of information security, business continuity, IT service management and payment card security. He has guided primary corporations and Italian critical infrastructures through the ISO/IEC 27001, ISO 22301 e ISO/IEC 20000 certifications. He is a Qualified Security Assessor recognised by the PCI Council being PCI DSS payment systems certified. He has obtained the ISACA certifications: CISA, CISM, CRISC di ISACA, is a qualified auditor and teaches courses in ISO/IEC 27001, ISO 22301, ISO/IEC 27001 and ISO 9001 schemes. He is an Information security and business continuity auditor registered in the AICQ SICEV registers. He has also earned certifications in the field of information security and IT governance among which are: OPST, COBIT and ITIL. He has also planned and taught courses in Information Risk Management, ITIL military field. He has carried out internal audits, assessments and consulting activities on 17025 – accredited Va laboratories. He deals with information security in the automotive sector in compliance with the TISAX sectoral standard. He collaborates with primary certification bodies as a third-party auditor.