Elmo Erasmus
Legal, Risk and Compliance Executive at Hyphen Technology (Pty) Limited- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
Afrikaans Native or bilingual proficiency
-
English Full professional proficiency
Topline Score
Bio
Julian du Plessis
Elmo is very conscientious IT practitioner that usually goes the extra mile to assist the business units he has been assigned to. During my working relationship with him he was a valuable member of the BCM team taking charge of the technical testing element. On IT security he was also practical in his approach find solutions for urgent issues especially when the organisation was hit with the Conficker virus. I recommend Elmo and would enjoy working with him again.
Caryn Davies
Elmo was a diligent, committed, hard working team member. He always had time for others on the team, listening attentatively and showing a genuine interest in colleagues. Elmo took feedback well, and strived to constantly improve. He left IQ in order to further focus on IT Risk and information security challenges, as the business decided to focus on other (financial) risk types before IT Risk.
Julian du Plessis
Elmo is very conscientious IT practitioner that usually goes the extra mile to assist the business units he has been assigned to. During my working relationship with him he was a valuable member of the BCM team taking charge of the technical testing element. On IT security he was also practical in his approach find solutions for urgent issues especially when the organisation was hit with the Conficker virus. I recommend Elmo and would enjoy working with him again.
Caryn Davies
Elmo was a diligent, committed, hard working team member. He always had time for others on the team, listening attentatively and showing a genuine interest in colleagues. Elmo took feedback well, and strived to constantly improve. He left IQ in order to further focus on IT Risk and information security challenges, as the business decided to focus on other (financial) risk types before IT Risk.
Julian du Plessis
Elmo is very conscientious IT practitioner that usually goes the extra mile to assist the business units he has been assigned to. During my working relationship with him he was a valuable member of the BCM team taking charge of the technical testing element. On IT security he was also practical in his approach find solutions for urgent issues especially when the organisation was hit with the Conficker virus. I recommend Elmo and would enjoy working with him again.
Caryn Davies
Elmo was a diligent, committed, hard working team member. He always had time for others on the team, listening attentatively and showing a genuine interest in colleagues. Elmo took feedback well, and strived to constantly improve. He left IQ in order to further focus on IT Risk and information security challenges, as the business decided to focus on other (financial) risk types before IT Risk.
Julian du Plessis
Elmo is very conscientious IT practitioner that usually goes the extra mile to assist the business units he has been assigned to. During my working relationship with him he was a valuable member of the BCM team taking charge of the technical testing element. On IT security he was also practical in his approach find solutions for urgent issues especially when the organisation was hit with the Conficker virus. I recommend Elmo and would enjoy working with him again.
Caryn Davies
Elmo was a diligent, committed, hard working team member. He always had time for others on the team, listening attentatively and showing a genuine interest in colleagues. Elmo took feedback well, and strived to constantly improve. He left IQ in order to further focus on IT Risk and information security challenges, as the business decided to focus on other (financial) risk types before IT Risk.
Credentials
-
CISM & CISA
ISACA
Experience
-
Hyphen Technology (Pty) Limited
-
South Africa
-
Financial Services
-
1 - 100 Employee
-
Legal, Risk and Compliance Executive
-
May 2014 - Present
Elmo is a Risk and Compliance Lead with focus in the Payment Service Provider industry. Hyphen is a FinTech business in providing tailored financial solutions to clients. • Implementation and execution of the governance risk framework. • Operational Risk, Enterprise Risk, IT & Security Risk. • Risk Management: Identification, reporting and mitigation of operational and IT risks. • Management and investigation of operational losses and fraud risks. • Advisory to business in implementing correct business processes e.g. service management. • Custodian of the Risk Treatment Plans. • Identification of the regulatory universe and risk treatment. • Custodian of the Information Security governance structure. • Implementation of Payment Card Industry (PCI) Data Security Standard (DSS). • Custodian to the Cyber Security Response Plan. • Risk assessments in customised client implementations i.e. payment portal technologies. • Implementation of other best security frameworks i.e. ISO27001 • Program manager to the Protection of Personal Information Act (POPIA). • Program manager to the Two-Factor Authentication Project. • Identification of relevant Acts impacting business and implementation of a compliance program. • Ongoing compliance monitoring and reporting. • Execution of the awareness and training programs e.g. Information Security Awareness / Ethics training. • Custodian to the company’s sub-board Audit, Risk and Compliance committee • Custodian to the company’s sub-board IT risk committee. • Ongoing Business Continuity Management and Disaster Recovery programs. • Provide guidance from a Risk and Compliance perspective on innovative solutions and disruptive ideas i.e. Blockchain solutions. • Custodian to Service Level Agreement framework and third-party vendor risk assessment process. • Ongoing service level monitoring. • Hyphen ExCo member and line manager to the Legal Advisor and Project Manager. • Main liaison contact with SARB and PASA in respect of Hyphen’s licenses. Show less
-
-
-
FNB South Africa
-
South Africa
-
Banking
-
700 & Above Employee
-
IT Risk & Information Security Manager
-
May 2009 - Apr 2014
-Enable an IT risk management framework within the Customer Contact Centres, Credit Card, Core Banking Solutions (CBS), Procurement and Cheque Processing businesses - all divisions within the Retail Banking segment at FNB. -Identification, mitigation, management and reporting of IT risks within the above mentioned businesses. -Implementation of Information Security at tactic level within the above mentioned businesses. -Build information security capability and response strategy. -Establish supporting processes to ensure maturity of information security is enriched. -Lead as program head in implementation of various Information Security initiatives and projects such as PCI & POPI compliance / encryption etc -Strategic involvement and consulting with the bank's IT objectives and goals. -Consult to various IT steerco's on best practice, standards and compliance requirements. -Implementation of Service Desk and Change processes to the CBS business. Show less
-
-
-
seda
-
Government Administration
-
400 - 500 Employee
-
IT Governance Manager
-
Oct 2008 - Jun 2009
-Governance officer for IT business unit within the group. -Implementation of various best practices, standards, policies and procedures for the IT unit. -Initiation of a proper Business Continuity strategy for the business and implementation of Disaster Recovery plans. -Review of the IT architecture of systems and networks. -Application of Risk Management framework to identify and mitgate risks within the IT business. -Regular IT audits on systems to measure compliance i.e. access management. Show less
-
-
-
IQBG Inc
-
United States
-
IT Services and IT Consulting
-
1 - 100 Employee
-
IT Risk Consultant
-
Oct 2006 - Oct 2008
-Oversee the implemetation of the Information Security service offering. -Review and implementation of the IT governance framework for a corporate bank. -Design and implementation of business processes within the IT busines that is alligned with IT governance practices -Basel II reporting business requirement specification for the small asset finance bank and for two large tier-1 retail bank. -Deliver business requirement specification in respect of the National Credit Act to a tier-1 retail bank. -Reporting of market risk conditions and process improvement for a tier-1 corporate bank. -Hands on experience with SAS reporting in delivering Basel II reports for a large tier-1 retail bank. -Number of large customers include: ABSA Capital, ABSA Group Credit, Nedbank Group Credit, Imperial Bank (now known as Nedbank), Teba Bank (now known as Ubank). Show less
-
-
-
Protiviti
-
United States
-
Business Consulting and Services
-
700 & Above Employee
-
Technology Risk Analyst
-
Jan 2006 - Sep 2006
On a contractual basis Elmo assisted on project basis as a Risk Analyst for the Protiviti offices in London. Variety of reviews and implementation projects within different industries were performed most notably: 1) IT Service Delivery framework 2) Business Continuity Management readiness 3) Data Analysis accuracy. On a contractual basis Elmo assisted on project basis as a Risk Analyst for the Protiviti offices in London. Variety of reviews and implementation projects within different industries were performed most notably: 1) IT Service Delivery framework 2) Business Continuity Management readiness 3) Data Analysis accuracy.
-
-
-
Transnet SOC Ltd
-
South Africa
-
Transportation, Logistics, Supply Chain and Storage
-
700 & Above Employee
-
Information Security Auditor
-
2001 - 2004
-Review of the group's IT infrastructure according to Information Security standards and best practice. -Systems, Database and Network audits and reviews of various business and reporting. -Consultation and implementation of the BS7799 standard, by establishing information security governance framework, standards, policies and procedures for the group. -Implementation of various in house processes and IT platforms to enhance the internal audit process reporting. -Review of the group's IT infrastructure according to Information Security standards and best practice. -Systems, Database and Network audits and reviews of various business and reporting. -Consultation and implementation of the BS7799 standard, by establishing information security governance framework, standards, policies and procedures for the group. -Implementation of various in house processes and IT platforms to enhance the internal audit process reporting.
-
-
Education
-
2009 - 2013
University of Pretoria/Universiteit van Pretoria
MCom, Informatics -
1996 - 2000
University of Johannesburg
BCom (Hons) Informatics, IT Risk & Information Security
Community
