Who we are

Our Team

The Common Framework Limited is created by a number of leading experts across a wide range of relevant disciplines; from the field of law, supply chain assurance, information governance and consultancy.

With the ability to understand the challenges that organisations face, from the customer through to the supplier and private sector through to the public sector, we have the ability to allow you to meet your challenges head on to take control of your organisations goals in the new Cyber age.

Lars Davies - Chairman (click to find out more)

Lars is a physicist and a lawyer by training. He co-founded The Common Framework as a result of his legal, academic, and technical experiences in order to deliver solutions that enable users to achieve regulatory compliance and evidential weight for their electronic communications. Prior to this he was a Senior Visiting Fellow to the Institute for Computer and Communications Law, Centre for Commercial Law Studies at Queen Mary, University of London (CCLS).

Lars joined the Centre for CCLS in 1995 as a full-time academic lawyer. Prior to becoming a lawyer, Lars worked in the computer industry.

Whilst at the CCLS, Lars specialized in Information Technology Law, Internet Law and Telecommunications Law, and concentrated on issues that included electronic financial services, security, authentication, and regulatory compliance. One of his first areas of research was into digital and electronic cash (he co-authored the paper ‘Digital Cash’ with Professor Chris Reed). His research delved into the limitations and risks posed by standard electronic and digital cash payment solutions.

During his time as an academic Lars also consulted to a major city law firm, where he worked closely with the firm’s IT, telecommunications, and e-commerce groups in relation to both contentious and non-contentious matters on a range of legal and regulatory issues relating to telecommunications and electronic commerce. Lars was a frequent and well-known speaker on these topics and is widely published, including past contributions to the telecommunications volume of the Encyclopædia of Forms and Precedents.

Lars subsequently held the post of Senior Visiting Fellow at the CCLS until 2005. He went on to form Kalypton in order to deliver solutions that enable users to achieve regulatory compliance and evidential weight for their electronic data, communications, and transactions. Lars created Undeniable, which is an information management policy and procedural stack that is designed to provide such a solution.

Lars is also CEO of Kalypton Ltd, specialising in addressing the challenges of the digital economy by providing innvoative solutions, and is a liveryman of the Worshipful Company of Scriveners of the City of London.

Dr Adrian Davis - advisor (click to find out more)

Adrian was both Managing Director and Director of Cybersecurity Advocacy for (ISC)² EMEA. (ISC)², an international nonprofit membership association focused on inspiring a safe and secure cyber world, is best known for the acclaimed CISSP®. Adrian created and delivered the EMEA regional strategy, resulting in double digit percentage member growth, increased member education and member satisfaction. He also managed the regional P&L, delivering year-on-year growth in revenue and margin; oversaw the development of digital marketing and education channels; and created relationships with professional bodies and governments. He also was heavily involved in internal GDPR programmes, acted as lead subject matter expert in GDPR course development and led a member-driven task force examining GDPR implementation.

A frequent speaker and contributor on cyber and information security, he is also a published author. Adrian has established varied partnerships and initiatives, most-notably in support of: accreditation guidelines referenced by computing science programmes across Europe; educational resources; and the latest edition of Europe’s eCompetence Framework (eCF), now recognised as a European Standard.

Adrian is also an editor for the International Standards Organsation, assisting in the development of several information security standards within the ISO/IEC 27000 series on supply chain security, professionalism and cyber insurance.

Before joining (ISC)2, Adrian was the Principal Research Analyst at the Information Security Forum, responsible for the delivery of practical business solutions within a commercial setting to the ISF’s global, blue-chip Membership. Adrian also provided account management services, delivered consultancy services and supported sales and sponsorship activities. His expertise covers: managing and assessing information security in supply chains and external suppliers; the governance and effectiveness of information security; the role and skills of information security professionals; assessing the possible near-term threats to organisations; and cloud computing.

Des Ward - Information Director (click to find out more)

Des has been working in the Information Risk Management industry for over 20 years. His background and skillset ranges from the technical to the non-technical through forensics and pen-testing to risk assessment and corporate governance. This allows him to interface between the technologists and the business to facilitate effective communication and understanding between them; achieving compliance in line with business goals.

Previous experience encompasses compliance programmes for HMG and FTSE 100 companies relating to the majority of legislation and regulation; including HSCN CN-SP, the PSN Codes of Practice, IA Maturity Model, Security Policy Framework, Hannigan Review, Data Protection Act 1998, FSA guidelines, Payment Card Data Industry Data Security Standard (PCI-DSS) and the ISO 27000 series of standards and guidelines.

Des’s goals are to build on his wide-ranging experience across different vertical industry sectors to drive a common understanding; where the benefits from effective information risk management can be understood, measured and valued.

More recently, Des is engaged as an advisor to the NHS Digital Compliance board for the Health and Social Care Network (HSCN), and has been heavily involved in the evolution of the HSCN compliance model itself.

Des has a distinction pass in the MSc in IT security from the University of Westminster, where he has also been a visiting lecturer. As well as being a former member of the CESG Listed Adviser Scheme (CLAS) he has also lectured at the University of Bath, has presented on Internet Security Threats to the Whitehats Information Security interest group and on Changing the business perception of Security to the Gartner Security Summit, the BCS, the Whitehats group and the Information Security Forum.

Matt Villion - Operations Director (click to find out more)

Matt Villion is a digital security and compliance consultant and the Operations Director of The Common Framework Limited, cofounded with Lars Davies and Des Ward.

Matt has over twenty years’ experience of ICT design and security and the art of Information Assurance.  This ranges from operations and commercial through to implementing Information Risk Management and governance spanning health, public and various other private sectors.  His extensive experience of managing the compliance and governance of major infrastructure programmes in the UK has led to his input into the development of the Common Assurance Maturity Model (CAMM) and the creation of The Common Framework with Lars and Des.  His passion for the use of disruptive techniques and management of suppliers led Matt to take part in the creation of the UK & Ireland chapter of the Cloud Security Alliance (CSA) with Des, presenting at many UK-wide events on the safe adoption of Cloud services.

Matt’s passion for the safe use of disruptive technologies in a manner compliant with the varied obligations is evident in his retention within central government to deliver the digital agenda currently being implemented.  A digital native, Matt ensures that he maximises all digital platforms and tools to maximise his efficiency.

Gareth Ricketts - Commercial Director (click to find out more)

Gareth started work as a Geologist in the North Sea, North Africa, and America, but looking for a different challenge closer to home, moved into the IT sector in the 90’s.

He worked for major global corporates, Unisys, MCI WorldCom, & BT, as well as small startups and the Public Sector- with Ordnance Survey. This experience gained over twenty years deploying services into the private and public sectors, has given him a comprehensive understanding of business issues.

Gareth focuses on meeting the need for secure robust co-operation within, and between organisations by employing a standard approach – a common framework.