Lennart BredbergGet in touch →
Available for AI GRC, security and compliance engagements

AI Governance and information security that survives contact with reality.

AI Governance, IT & Information Security Consultant. Incident Response Manager and Senior Program & Project Manager with 30+ years across regulated sectors — turning NIS2, DORA, ISO 27001/42001 and the EU AI Act into operational reality.

Explore careerDownload CV (PDF) ↓le…@…com
Portrait of Lennart Bredberg, AI Governance, IT & Information Security Consultant
Currently
NIS2 · DORA · AI GRC · vCISO · DPO
30+
Years experience
15
IRT specialists led
70+
Countries (GDPR rollout)
13
Active disciplines
01 / Profile

A senior hand for regulated complexity.

For more than 30 years, the person organisations turn to when they need to untangle mixed signals and simplify confusing processes. Global experience in IT program and project management, with a strong passion for compliance, strategy, risk and security — delivering measurable results across both public and private sectors.

Specialised in identifying improvement opportunities and aligning security and compliance initiatives with commercial objectives. Recent focus expanded to AI Governance, Risk and Compliance (AI GRC) — ensuring responsible and ethical AI deployment alongside NIS2, DORA and IT/OT (IEC 62443) work in regulated industries.

Based
Sweden · Available globally
Languages
Swedish · English
02 / Expertise

A dozen disciplines, one operating system.

Frameworks, standards and methodologies routinely deployed across client engagements.

01
NIS2 / Cybersäkerhetslagen
02
DORA — Digital Operational Resilience
03
EU AI Act
04
AI Governance, Risk & Compliance
05
ISO 27001 / 9001 / 14001 / 42001
06
Incident Management & Response
07
IT/OT Integration (IEC 62443)
08
Data Protection / GDPR
09
Supply Chain Risk Management
10
Project & Program Management
11
Lean Six Sigma — Black Belt
12
Business Development & GTM Strategy
03 / Career

Four decades, one through-line: trust at scale.

  1. 2016 — Present
    Sweden · Founder
    Triple z Management AB
    Founder & Owner — Risknavigator™ & AI Risknavigator™
    • Strategic consultancy platforms for Information Security, Data Protection and AI Governance, Risk & Compliance.
    • Registered trademarks underpinning long-term advisory engagements across regulated sectors.
  2. Aug 2025 — Present
    Stockholm & Reykjavik
    Syndis (via IT-Säkerhetsbolaget)
    Compliance & Security Consultant
    • NIS2 / Cybersäkerhetslagen: GAP and risk analyses across OT, IT and IAM; roadmap and compliance tracker for important and essential entities.
    • DORA advisory and gap assessments for financial sector clients.
    • Designing incident and reporting procedures, policies and guidelines aligned with ISO 27001 and NIS2.
    • Building Integrated Management Systems (IMS) on ISO 27001 and ISO 9001, adapted for DORA requirements.
    • vCISO (CISO-as-a-Service) and external DPO across multiple clients.
    • AI GRC advisory — interaction with traditional information security and data protection frameworks.
  3. Sep 2020 — Jul 2025
    Stockholm
    Atea Sverige AB
    Chief Consultant Security, AI & Information Security · IRT Lead
    • Built Atea Sweden's national Incident Response Team from the ground up — recruited and onboarded 15 specialists.
    • Designed the strategic and operational IR framework with NIS2-aligned mandatory reporting timelines and coordinated vulnerability disclosure.
    • Authored the internal GTM playbook for IR services: pricing models, service tiers, value messaging.
    • NIS2 planning, gap assessments and implementation for public sector, municipalities, utilities (energy & water) and IT/OT manufacturers.
    • ISO/IEC 27001 ISMS advisory and GAP/risk assessments.
  4. Sep 2019 — Apr 2020
    Stockholm
    ASSA ABLOY AB
    Data Protection / GDPR Specialist — global HRIS rollout across 70+ countries.
  5. Oct 2017 — Aug 2020
    Stockholm
    Ahlsell AB
    Senior PM EU GDPR Strategy · Interim CISO · Data Protection Manager
  6. Jan 2017 — Jun 2018
    Global
    Husqvarna Group
    Information Security Consultant & Global EU GDPR Program Manager
  7. 2012 — Aug 2016
    Amsterdam
    Sandvik Mining & Rock Technology
    Strategic IT Programs · IT/OT & Supply Chain · PMO Lead
  8. 2010 — 2012
    Sweden
    Sandvik IT Global Shared Services
    Senior Project Manager — global IT programs (Agile & PROPS)
Earlier career
Risknavigator™ Ltd, London
Senior Management Consultant
2009 — 2010
Confidence International, Stockholm
Senior Security Consultant
2004 — 2009
AESP Sweden, Uppsala
Country Manager
2001 — 2004
Gefle Varv / BEAB
Founder & Business Owner
1994 — 2001
Exact Holding, Sandviken
CEO
1992 — 1994
Nordea, Sandviken
Bank Director & Branch Manager
1987 — 1992
04 / Credentials

Education & certifications.

BSc Business Administration & Marketing
Uppsala University · 1983 — 1987
Certified Lean Six Sigma — Black Belt
Sandvik Mining · 2015 — 2016
Registered Trademarks
Risknavigator™ · AI Risknavigator™ — Triple z Management AB (founded 2016)
05 / Let's talk

Have an AI GRC, NIS2, DORA or information security challenge?

Engagements range from short advisory sprints and gap analyses to multi-year program leadership and vCISO mandates.

Email
le…@…com
Phone
+46 •• ••• ••18
LinkedIn
/in/lennartbredberg
© 2026 Lennart Bredberg · Triple z Management AB
Risknavigator™ · AI Risknavigator™