Most aviation risk frameworks are two-dimensional: likelihood and consequence plotted on a matrix. They address known risks competently. But they systematically underweight frequency, create false confidence through comprehensive documentation, and leave organisations vulnerable to the events they haven't imagined.
I know this because I built and led risk functions from the inside — including creating Cebu Pacific's inaugural Chief Risk Officer role and merging their corporate and operational risk portfolios into a single enterprise framework. I've also led IOSA accreditations, redesigned safety governance structures, chaired crisis centres during real emergencies, and negotiated insurance programmes that halved premiums by demonstrating genuine risk maturity.
What I Do
- Enterprise risk framework design — Building whole-of-organisation risk functions that integrate operational risk, corporate risk, safety, security, data governance, privacy, sustainability, and major project oversight.
- Safety governance — Safety Management System implementation, Safety Board design, safety culture assessment, and board-level safety reporting.
- IOSA accreditation — Preparation, gap analysis, and programme management for IATA Operational Safety Audit certification and renewal.
- Crisis management — Emergency response centre design, crisis management protocols, and real-event crisis leadership.
- Insurance negotiation — Working with aviation insurers to achieve premium outcomes that reflect actual risk maturity, not just fleet size.
- Board risk reporting — Designing risk reporting frameworks that give boards genuine visibility rather than compliance theatre.
- Cybersecurity governance — IT governance frameworks for business continuity, disaster recovery, and cybersecurity risk oversight.
Selected Experience
- Created the inaugural Chief Risk Officer role at Cebu Pacific, establishing the Enterprise Risk department and merging corporate and operational risk into a unified framework
- Led Cebu Pacific's first IOSA accreditation and successful renewal
- Achieved 50%+ reduction in insurance premiums through demonstrated risk maturity
- Redesigned Emergency Response/Crisis Centre and chaired it during real operational events
- Led Virgin Australia's crisis management centre through volcanic ash, earthquakes, floods, and IT system failures
- Operations safety consultant for the removal of Cebu Pacific from the EU no-fly list
- Designed and implemented IT governance for cybersecurity, business continuity, and disaster recovery
Who This Is For
- Airlines establishing or maturing their enterprise risk functions
- Boards seeking independent assessment of risk governance effectiveness
- Operators preparing for IOSA accreditation or renewal
- Airlines looking to improve insurance outcomes through demonstrated risk maturity
- Organisations needing crisis management frameworks or post-incident review