Skip to content
View davidcockson-compliance's full-sized avatar
2 followers · 7 following

Achievements

Achievement: QuickdrawAchievement: Pull Sharkx2

Achievements

Achievement: QuickdrawAchievement: Pull Sharkx2

Block or report davidcockson-compliance

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
davidcockson-compliance/README.md

David Cockson

Systems thinker focused on constraints, control, and automation.

regulation → system → constraint → control → automation

https://www.linkedin.com/in/david-cockson

Linux Docker Portainer AWS Cloudflare Prometheus Grafana Obsidian

Background

For the last 8 years I’ve worked inside complex regulatory systems, primarily in the gambling industry.

The work was rarely just policy or compliance.

It involved:

  • identifying structural weaknesses in regulatory frameworks
  • investigating systemic failures across organisations and suppliers
  • designing operational controls to stabilise complex systems

In practice this meant constantly asking:

Where is the constraint?
What breaks first?
What control stabilises the system?

That mindset translates naturally into software systems, infrastructure, and automation.

Selected Projects

AI Governance Frameworks

Exploring structured governance models for AI systems.

Sable AI Governance Framework
https://davidcockson-compliance.github.io/sable-ai-governance-framework/

Pickles GmbH AI Governance Framework
https://davidcockson-compliance.github.io/pickles-gmbh-ai-governance-framework/

These projects explore how governance frameworks can be structured, generated and maintained using AI-assisted workflows.

Regulatory & Analysis Tools

Scarlet Helix

Monitoring and analysis tool for the UK Gambling Commission licence register.

Key capabilities:

  • licence register search and analysis
  • domain and infrastructure discovery
  • corporate group identification
  • compliance monitoring views

Repository
https://github.com/davidcockson-compliance/scarlet-helix

Live instance
https://froghunter.dpdns.org/

LCCP Regulation Filter

Structured dataset and filtering tool for the UK Gambling Commission regulatory framework.

Purpose:

  • convert regulatory text into structured datasets
  • enable filtering and analysis
  • support compliance gap analysis workflows

Infrastructure & Homelab

Current experimentation environment used to practise:

  • containerisation (Docker)
  • cloud infrastructure
  • deployment workflows
  • monitoring and observability

Projects are built with the goal of creating repeatable operational systems rather than one-off builds.

Journey

My background is systems analysis inside regulatory environments.

I now apply the same mindset to software infrastructure and operational systems.

Progression of projects:

Regulatory systems analysis
        ↓
Structured regulation datasets
        ↓
Compliance tooling (React + data models)
        ↓
Automation and deployment (Docker / Cloudflare)
        ↓
Cloud infrastructure experimentation
        ↓
Monitoring and observability systems

Each step builds on the previous one.

The direction is moving from:

analysis → tooling → infrastructure → automation

How I Approach Systems

flowchart LR
A[Observe system] --> B[Find constraint]
B --> C[Map the gap]
C --> D[Design control]
D --> E[Automate solution]
E --> F[Monitor outcome]
F --> A
Loading

This loop applies whether the system is:

  • regulatory frameworks
  • operational processes
  • infrastructure platforms
  • AI workflows

Understand the system.
Remove the constraint.
Let automation keep it stable.

Current Focus

I’m currently building practical experience in:

  • Linux systems and tooling
  • Docker and container infrastructure
  • cloud deployment patterns
  • monitoring and observability
  • AI governance and multi-agent workflows

Most learning happens through hands-on builds and homelab experimentation.

Engineering Principles

Systems usually fail at the constraint.

When approaching a new system I typically start with:

  • What is the real constraint?
  • What fails first under pressure?
  • What control stabilises the system?
  • What can be automated once the system is stable?

The goal is not complexity.

The goal is stable systems that continue working when nobody is watching.

Tao of Pratchett.

Map the gap. Architect the control.

Pinned Loading

  1. pickles-gmbh-ai-governance-framework pickles-gmbh-ai-governance-framework Public

    Open-source AI governance framework for German legal AI providers. Covers EU AI Act, GDPR, BDSG, and BRAK. 22 documents across 5 stages plus a worked example. CC BY 4.0.

  2. homelab-monitoring homelab-monitoring Public

    Prometheus + Grafana monitoring stack for a home server. Host metrics and per-container visibility via Docker.

  3. scarlet-helix scarlet-helix Public

    Intelligence tool for tracking and analyzing UK Gambling Commission licenses with real-time monitoring

    JavaScript

  4. job-radar job-radar Public

    Full-stack job discovery and pipeline tracker with multi-source parsing and Docker deployment

    TypeScript

  5. homelab homelab Public

    My self-hosted infrastructure running on Proxmox and Docker.

  6. AML-Risk-Assessment-Tool AML-Risk-Assessment-Tool Public

    Python