Director - Digital Transformation & Innovation Advisory

• May 2013 - Present

- Modernisation, Digital Transformation and Cybersecurity Advisory- Board and Senior Executives Digital Transformation and Innovation Advisory and Training- Digital and Innovation Governance Advisory- Modernisation, Digital Transformation and Cybersecurity Projects Advisory- Cybersecurity Assessments and Advisory- Enterprise Risk Management including IT Risk Management - Developing IT strategies, policies and procedures- Social Media Advisory - Strategies, Policies, Structures, Processes and Procedures- COBIT Implementations and Advisory, Training and Speaking- IT Governance Implementation and Advisory- IT Auditing- CISA, CISM, CRISC, CGEIT Examination Review Training- IT Auditing Training- Automation and Business Processes Re-EngineeringProviding insights to organisations on using IT and Digital Technologies to:- Transform IT enabled investments into business value, - Leverage competition using Digital and Innovation, - Grab business opportunities and - Achieve sustainable competitive advantages- Sustain and extend enterprise strategies and objectives, Driven by an in-depth understanding of our client’s business environment and building lasting relationships with stakeholders whilst maintaining independence to provide value-add IT consulting and assurance services that provide the Board, Executives, Management and Audit Committees with deeper insights required for key enterprise decision making.Engaging closely with Board Members, Business Executives - CEOs, COOs, Director Generals, Deputy Director Generals, CFOs CIOs and CISOs.Having the boldness to advise Clients to wind IT initiatives if our assessments indicate that they are no longer in line with their business objectives.Providing Clients with relevant insights gained in various local and international engagements and being responsive to their business needs and environment.

Member of the Council of the Vaal University of Technology

• Jul 2021 - Present

- Set strategic direction and long-range vision for the University in accordance with the education act and the University Statute- Restore and maintain public confidence in the University and ensure stakeholder trust- Perform both common law duties and fiduciary duties as prescribed in the Statute- Establish and maintain high standards of academic conduct and promote a positive culture in the institution- Apply probity and independent judgement on reports and submissions by management- Support the Vice-Chancellor and Principal and his/her Management Team towards promoting the success of the University- Demonstrable experience in contributing constructively to collective decision-making processes, respecting, and listening to others and earning the respect of colleagues- A personal commitment to good governance, ethics, integrity and upholding the recognised principles of public life and a commitment to equality, diversity, and inclusion

Global Guidance Council

• Jul 2021 - Present

- Advise the strategic direction of The IIA’s guidance, thought leadership content and other content while working with the existing constructs for General Guidance, IT Guidance, Public Sector Guidance and Financial Services Guidance among other inputs.- Review and provide feedback on the guidance and thought leadership priorities and pipeline.– Participate in guidance charter approvals and fatal flaw guidance reviews prior to release.– Review and validate the new guidance constructs or suggest revisions to existing constructs as needed through work with the Professional Practices directors.– Support a new, streamlined guidance due diligence process.

Advisor Audit & Risk and Business Innovation & Technology Committees

• Aug 2015 - Present

Board Member - Immediate Past President

• Apr 2018 - Present

Serve in chapter board advisory capacity.

Board Chair - President

• Apr 2016 - Apr 2018

To direct chapter activities and efforts to ensure professional and personal growth for membership.

Board Vice Chair - Vice President

• Apr 2014 - Apr 2016

Chapter coordination, assisting board members in their activities, assuming duties of the president when the president is absent and coordinating longer (half-day or more) educational seminars and or workshops.

Board Member - Certifications Coordinator

• Mar 2012 - Apr 2014

Responsible for managing programmes to enhance the status of ISACA certifications - CISA, CISM, CGEIT, CRISC

Audit and Risk Committee Member

• Aug 2017 - Present

Audit and Performance Audit Committee Member

• Jan 2014 - Sep 2022

Audit and Risk Committee Member

• Jan 2014 - Jul 2020

Board Member

• Jun 2016 - Nov 2019

Chair Audit and Risk Committee

• Jun 2017 - Jun 2019

Assist the board in fulfilling its oversight responsibilities pertaining to the integrity of the organizations financial statements; qualifications; risk; independence and performance of the independent auditors; internal assurance functions; and compliance with applicable legal and regulatory requirements.

Vice Chair Audit and Risk Committee

• Jun 2016 - Jun 2017

Chairperson - IT Governance Committee

• Oct 2014 - Jun 2016

Member of Framework Committee

• Jun 2014 - Jul 2015

Charged with identifying and supporting activities required to appropriately define, build and maintain a globally applicable and practically useable ISACA enterprise governance and management of IT (GEIT) framework.

Member of External Advocacy Committee

• Jun 2013 - Jun 2014

Charged with identifying and supporting activities required to build, maintain and leverage a highly effective advocacy program targeted at private sector organizations.

Member of Certified in the Governance of Enterprise IT Testing Enhancement Sub Committee (CGEIT TES)

• Jun 2012 - Jun 2013

Charged with providing thought leadership in identifying and supporting activities required to create and qualify new items in the Governance of Enterprise IT for the Certified in the Governance of Enterprise IT (CGEIT) Certification Committee.

Results Management Office (RMO) - Portfolio Assurance Manager (PAM) - Africa - Group IT

• Jul 2012 - May 2013

Ensuring alignment of programmes/projects/ portfolio to appropriate governance, risk management, compliance, business strategy and objectives and financial parameters.Secretariat to Group Investment Board Committees responsible for governing change related initiatives throughout the GroupProviding independent challenge and assurance to portfolio of programmes and projects against appropriate Governance, Risk and Compliance whilst ensuring alignment to business strategies and objectivesCollaborating with Group IT, GCC and BUPP teams during IT enabled initiatives conception, execution and closure phases providing checks and guidance with the aim of ensuring effective and efficient delivery.Facilitating prioritisation, planning and budgeting processes of business portfoliosPortfolio Risk ManagementCollaborating with programme and project owners in the rescue of change initiatives in jeopardyMonitoring that governance is applied throughout the project/programme, tracking progress against key delivery milestonesTaking active ownership in driving the resolution of cross portfolio risks, issues and dependencies impacting deliveryAdvising on structure, composition and delivery models of projects, reviewing and providing challenge to projects documentation.Ensure that IT enabled initiatives benefits are sufficiently defined. Providing independent validation and measurement of benefits realised.

Portfolio Manager IT Audit - Corporate and Investment Banking International

• Sep 2011 - Jun 2012

IT audit planning, management & delivery of audit assignments, preparation of IT audit weekly and periodic Govco & MIS reports and contributing to BAC & Exco reporting.Credit card operations audit for a system provided and hosted in UK by a Global credit card Services Company based in USA (Typical ISP Public Cloud environment). Review covered 8 countries in Africa and a host data centre based in UK and change management in Cyprus it included Credit Card Process, Application Controls and IT General Controls reviews, management and coordination of Audit Managers across Africa & UK. Significant issues were noted in the report and presented to Group Exco and BAC.Market Risk audit for Capital Requirements Directive (CRD3) project required by Financial Service Authority (FSA) which included a proliferation of market risk applications such as Damas, Vespa, Front, Murex etc and review of Stress Value at Risk (SVAR) and Incremental Risk Charge (IRC) dataContinuous Audit /Watch in Brief – Performance and Capacity for Critical trading systems.Precious Metals audit covering (DGCX, COMEX, TOCOM) business processes, application controls and IT general controls for Front Office and Back Office systems. Products included Spots, Forwards, Options, Swaps and MTFs.

Portfolio Manager - Africa Information Systems Audit

• Jan 2010 - Aug 2011

Head Auditor Africa Core Banking implementation covering 16 countries. Key roles included; Reviewing programme & project Governance, Management, System peripheral integration, Business Processes (IT & Business Control Adequacy and Effectiveness Test), Testing CIT, Functional Testing, SIT, UAT & Performance Testing), Business (Organisational) readiness, data migration including data clean up, 3rd parties governance, system security, Go live – strategy, business continuity. Providing an oversight, guidance and supervising audit managers and auditors in SA, Namibia, Nigeria and Uganda. Attending, Reporting and representing internal audit in Programme Board, Manco, Exco and Steering Committees in SA, Namibia and Nigeria. Liaising and coordinating with external assurance providers – E&Y, KPMG and PWCDeveloping IT audit, risk management and governance in SA, and East and West Africa.Performing IT Applications, Infrastructure and SDLC audits in SA, East and West Africa.Maintaining relationship with business (Standard Bank Africa Personal and Business Banking (PBB) and CIB), Africa IT divisions, Risk, Operations and Audit in SA and West and East Africa.Planning and reviewing IT audits; Leading IT audit teams.Managing IT Audits and mentoring IT auditors in Standard Bank Africa.Trained in India Infosys Campus. IT General Infrastructure and General Controls Audit Stanbic – in Ghana. Namibia and Uganda audits, planning and scoping. Liaising with Africa IT , Business, Operations, Risk and Group Security Office Heads of Audit in African Countries, Directors, Head of Department, Senior Managers to understand the business environment, identify, assess & rank risks and recommending mitigating controls.Tracking risks and management risk resolutions. Participating refining and fine tuning IT audit methodology to align with business(Banking). IT risk assessment for Standard Bank East and West Africa (Nigeria, Uganda, Tanzania and Kenya ).

Manager - Africa Information Systems Audit

• Nov 2008 - Dec 2009

Managing IT Audits and mentoring IT auditors in Standard Bank Africa.Core Auditor - Group Standard Bank core banking application (Finacle from Infosys) project 2009 to 2016. Trained in India Infosys Campus. IT General Infrastructure and General Controls Audit Stanbic – in Ghana. Namibia and Uganda audits, planning and scoping. SDLC Audits - advisory and assurance - a member of IT projects Board and Steering Committees Drafting Audit Planning memorandumsDrafting Audit Programs.Performing IT audit Field work and finalising IT audit reportsAdvising auditee management on ICT Risk, Making recommendations, IT Governance, Project AdvisoryGap Analysis and Business Process mapping using IT governance frameworks e.g. COBIT, ISO 2700, TOGAF, COSO, Risk IT, Val IT, PMBOK, PRINCE2, Sarbanes Oxley, Basel II, ITIL, SABSA.Liaising with Africa IT , Business, Operations, Risk and Group Security Office Heads of Audit in African Countries, Directors, Head of Department, Senior Managers to understand the business environment, identify, assess and rank risks and recommending mitigating controls.Tracking risks and management risk resolutions.Participating in refining and fine tuning IT audit methodology to align methodology with business (Banking).

Information Communications and Technology (ICT) Consultant

• Jan 2008 - Nov 2008

Position: Consultant – Information and Communication Technology Advisory – ICTAResponsibilities and Audits Performed:Drafting Audit Planning memorandumsDrafting Audit Programs and supervising Audit AssignmentsAdvising auditee management on ICT Risk, Making recommendation, IT Governance, Project AdvisoryGap Analysis and Business Process mapping using IT governance frameworks e.g. COBIT 4.1STANLIB – Application control reviews South African Weather Service- COBIT General Computer Control Review – Follow-up Audit MTN - General Computer Control Reviews (Change Control Review and Physical and Environmental Controls Reviews )Social Security Commission of Namibia in Windhoek Namibia – Fund Management Application Control ReviewFNB – GCR (Physical Security , Backup and disaster recovery and Problem Management )Application Controls Review – PIK IT UP Industrial Development Cooperation of South Africa (IDC) – Application control ReviewERP Implementation Project Advisory South Africa Social Security Agency (SASSA)Application Controls Review – SA MintERP Implementation Project Advisory NHBRCGeneral Computer Controls Review (COBIT based) and Business Process Mapping – IDCApplication Controls Review – Denel (Pretoria Metal Pressings)Application Controls Review – Denel (Naschem) and General Computer Controls - SAMA

Junior Consultant - IT Advisory

• May 2007 - Dec 2007

Position: Junior Consultant – Information and Communication Technology Advisory – ICTAResponsibilities and Audits Performed:Assisted management in evaluating the adequacy and effectiveness of IT application (Application Control Reviews) and general (General Control Reviews) controls.Made recommendations on ways to mitigate identified risks posed by control deficiencies.Preparation of the audit engagement files Participation and taking of minutes in planning and risk assessment meetings.Change Management Review – MTNChange Management, Application Control Review - Fee Engine and Back and Recovery Procedure Review – STANLIBarivia.kom SAS70 Auditing based on COBIT 4.1 Control ObjectivesApplication Control Review – Namib Management Services (NMS) – in MozambiqueApplication Control Review and Previous Audit follow-up - First Trust a division of First National BankingPost Implementation Review – SASRIA

IT

• 2003 - 2004