Aona AI
CISO and security program leadership
Leads security governance, compliance readiness, vendor assurance, incident response preparation, and product security input for Aona's enterprise AI platform.
Biography
Glenn Tan serves as CISO at Aona AI, owning the security programme end to end: risk management, controls design, vendor assessments, and incident response readiness.
He led Aona through its SOC 2 Type 2 certification, establishing the policies, evidence processes, and continuous monitoring practices that underpin the trust customers place in the platform. That certification matters especially for Aona's enterprise buyers in financial services, healthcare, and legal, where auditors and procurement teams require demonstrated security controls before signing off on AI tooling.
Glenn is also CEO and Co-Founder of Zavior, a compliance and cybersecurity company focused on regulations, data protection, governance, PDPA readiness, ISO certifications, and continuous compliance. In 2026, Zavior expanded to Australia with managed services partners and reinforced AI governance work with Aona.
His background spans RegTech, compliance innovation, venture-backed SaaS, corporate innovation, and startup advisory. He has worked with professional services firms across legal, accounting, private equity, venture capital, and financial services, and has supported innovation programs involving corporates, government agencies, and startups.
At Aona, Glenn works closely with the founders on every security-sensitive product decision: data residency, access controls, encryption in transit and at rest, evidence readiness, and the evolving requirements coming from AI governance, privacy, cybersecurity, and compliance frameworks.
Customer impact
How Glenn helps customers move from intent to rollout.
Keeps Aona's security program aligned with the expectations of regulated enterprise buyers and procurement teams.
Turns compliance requirements into evidence, controls, operating processes, and certification pathways that customers can trust.
Advises on product decisions where data protection, privacy, AI governance, access control, and customer assurance intersect.
Brings practical RegTech and certification experience to help Aona customers move from AI governance intent to audit-ready implementation.
Experience at a glance
How Shashank turns cross-functional complexity into practical delivery outcomes.
Glenn brings hands-on security, compliance, certification, RegTech, SaaS solutioning, and corporate innovation experience across Singapore and Australia.
SOC 2
security and audit readiness
ISO
certification and compliance programs
RegTech
privacy, governance, and PDPA focus
Founder
startup, advisory, and community leadership
Zavior
Founder and CEO for continuous compliance
Built a compliance and cybersecurity platform focused on PDPA, data protection, ISO certification, regulatory readiness, and AI-powered continuous compliance.
RegTech
Industry and community leadership
Contributes to Singapore FinTech Association, Singapore AI Association, IIPCC Singapore, SGDCC Foundation, and Brands For Good Asia communities.
SaaS
Solutions architecture for professional services
At tessaract.io, bridged technical and business requirements for legal, accounting, private equity, venture capital, financial services, compliance, and ISO maintenance teams.
Innovation
Venture and corporate innovation programs
At TNB Ventures and CoSpace Park, drove corporate innovation programs, startup collaboration, design thinking workshops, sales operations, events, and ecosystem growth.
Previous experience includes
- Aona AI
- Zavior
- Singapore FinTech Association
- Singapore AI Association
- SGDCC Foundation
- IIPCC Singapore
- Privacy Edge
- CEO Asia
- Antler
- tessaract.io
- CoSpace Park
- TNB Ventures
Expertise
Topics Glenn is asked to speak and advise on.
- SOC 2 Type 2 compliance
- Security programme management
- Risk management and controls
- Enterprise security reviews
- Data protection and privacy
- AI security frameworks
- RegTech and continuous compliance
- ISO certification readiness
- PDPA compliance
Perspective
How this experience connects to Aona.
"Trust is built through evidence. Security, privacy, and AI governance need controls that can be operated, measured, and certified."
Compliance
How Aona maps AI adoption to security, privacy, and compliance expectations.
Workforce AI Security
How Aona protects employee AI use across tools, data, and policy workflows.
AI governance
The operating model for governing AI adoption across the workforce.
SOC 2 compliance
Resources for teams aligning AI adoption with trust and security controls.
Talk to Glenn about Aona.
Book a 15-minute walkthrough, or read more about the team and our thesis.
Back to the teamLast updated 2026-05-19