Previously the RIMS Treasurer RIMS (the Risk Management Society) is a global, not for profit organisation dedicated to the advancement of the practice of risk management.

• Privacy, data protection, technology and operational risk oversight.• Ensured MRM compliance, Automate and advanced Model (Risk) Management and align with the AI ModelOps Framework.• Orchestrated the creation of an Enterprise Controls Centre of Excellence, including a comprehensive cross domain Controls Library, tools, and training to support development and alignment of internal controls.• Develop an enterprise domain-based control library based on compliance, risk, and best practices.• Provide technology, data management & governance, and technology risk consultation and advice.• Develop and provide policies, standards, guidelines, and training.• Instituted collaborative mechanisms such as workshops, MS Teams, stand-ups, and information sessions, and encouraged the uplift of technology and model risk and control.• Prioritised, developed and implemented monitoring and measurement of risk impacts (Model Risk showing a 60% compliance improvement, and the technology change programs).• Align control (and risk) outcomes with the organisation's strategic objectives.• Provide mechanisms, tools and expert advisory on implementing control frameworks and troubleshooting.• Provide thought leadership and specialised oversight, working across the organisation and offering expert advice that aligns with compliance standards (BASEL, NIST, ISO27001, COSO, BCM & DR), Legislative Compliance, and Climate Change.• Climate-related disclosures: collaborating on climate-related analysis to define risks and opportunities aligned with climate-related disclosures (XRB).• Collaborate on research-based data analysis to establish and formalise methodologies for detecting climate-related risks and opportunities.• Develop strong professional working relationships across the organisation.

• Privacy and security by Design oversight• Provide operational and technology risk and control thought leadership, oversight, challenge, advice, and review, including alignment with standards (BASEL II, NIST, ISO27001, COSO, COBIT, ISO31000), DATA governance and compliance obligations.• Provide expert DATA governance and management recommendations and consultancy services.• Fronted the Strategic Integrated Change Investment Portfolio (ICIP), focusing on technology modernisation initiatives and provided expert advice, critical challenge review and reporting.• In an Agile environment, I ensured that delivery risks and compliance obligations were met, incorporating privacy, ethics, and security by design principles into all stages of development - including privacy, ethics, and security by design.• Established and instituted the Model Risk Management governance, framework, compliance enabling tools. Provided model management advisory.• Salesforce and Oracle implementation program lifecycle, DevSecOps and CI/CD challenge and advice, and led end-to-end process control design.• Led the strategic change programme risk and quality oversight, providing guidance on design and implementation.• Furnished expertise in risk in Technology, Transformation Management and Agile implementation.• Delivered advisory services in Technology, Cyber, BCM & DR and other operational risks to clients.

Responsible for providing confidence to leadership and key stakeholders that technology risks are effectively managed and will deliver the expected outcomes aligned to the risk strategy.• 2nd Line Technology Risk advisory services as part of a cross Tasman risk maturity uplift program. • Secondary focus on key delivered, Conduct, Health and Safety and the Operational Risks.On secondment, led a team to implement controls and successfully close high-profile operational issues

• Led and project managed Technology Consulting projects, including Document Management System implementations.• Provided Governance and information management services to ensure quality and efficiency in deliverables.• Conducted Guidewire implementation data migration consultation, leading to successful project completion and client satisfaction.

Provided risk and security services to establishing the Technology Innovation Hub.As a member of the leadership team, I played a key role in setting strategic policies, frameworks and standards and overseeing comprehensive Information Risk Management. This included key areas such as Security, Logical Access Management, Information Protection, Data Governance, and Records Management (cybersecurity), ensuring compliance and driving business improvement and cost efficiency initiatives.Additionally, I redefined the Information Risk Management (IRM) strategy, team's direction, capacity, capabilities, operations, training, and support. These efforts were aligned with strategic business goals, regulatory requirements, and the eventual Barclays sell-off.Focused on delivering practical, automated solutions within an AGILE framework, I was responsible for leading Business Continuity Management (BCM), Disaster Recovery (DR), Occupational Health & Safety (OHS), and operations for the Technology Risk Function.

As a member of the Information Risk Management (IRM) leadership team, I operationalized and led IRM Core Services and assurance functions across 12 countries. I built and expanded a team of 120 professionals, directly co-establishing the core services team and overseeing an expansion restructure throughout the region. Within 24 months, these efforts successfully reduced risk to align within the organization’s risk appetite.Core Services included: Privacy, Information Security, Data Governance, Logical Access, Management (LAM), Records Management, Information Classification and Handling, governance reporting, business partnerships, and associated control environmentsKey Responsibilities & Achievements:IRM Strategy and Execution: Partnered in setting and operationalizing the IRM strategy, developing and rolling out the business model, and establishing robust core services across banking operations.Governance, Risk & Compliance (GRC): Led GRC activities, including solution implementation, scenario analysis, risk appetite alignment, monitoring toolsets, and advisory support to business units.Regulatory Compliance: Responsible for annual compliance reporting and direct engagement with relevant regulatory entities to ensure adherence to regulations.C-suite Stakeholder Management: Collaborated closely with C-suite executives, providing strategic input and updates on risk management, compliance, and business operations.COO Activities: Managed operational functions including sustainability alignment, finance and budgeting, hiring, procurement, and more.Regulatory Adherence: Ensured compliance with key regulatory frameworks, including, but not limited to BCBS239 (risk exposure aggregation), KYC, Basel, AML, King Code, FATCA, NIST, COSO, ISO27002.

Lead role - 2 Billion uplift programme - included retail banking and business banking, and new product development.Atomic (Africa Target Operating Model) Lead and Cost Efficiency Programme Africa Integration.• I steered, and influenced, the strategic and financial direction to achieve business benefit, client focused cost efficiency targets - delivered on integrated business solutions within the context of cost savings and efficiencies utilising effective stakeholder management within HR, IT, Risk, Finance, Compliance, Sourcing and CRES.Full change and integration across Africa and Absa. Included, but not limited to:• Maturity uplift; frameworks and standards• Functionalisation of the business• Spans and layers redesign• Country by country financial impact assessments based on regulatory requirements.

At EY I undertook multidisciplinary simple and complex engagements to help improve business and digital performance, improve risk and strengthen internal controls.Lead multidisciplinary teams, both on and off shore. Focuses included - Data analytics/data science, data governance & management, strategy, change, advisory, risk and controls (including technology and security risk), project management - both advisory and assurance.• Undertook strategy and business development, provided team career development & capacity planning.• Provided advisory and assurance services in organizational sustainability (with a focus on climate change impacts)• Conducted SAS Analytics engagement - data analysis, data interrogation, data quality, data cleansing, audit support,• Led and managed Privacy, Operational and IT risk and security initiatives, risk-based assessments, business improvement, and Corporate Governance initiatives.o Utilised, as appropriate, ITIL, Basel II, COSO, Cobit, ISO 27001, SOX, SSAE16 (SAS70), applicable regulatory acts, IT general and application control assurance.• Led, project managed, and performed data analytics projects which included: deep-dive data analysis for interest outcomes, fraud investigations, data interrogations, security reviews, internal & external audit support, and special projects. Also, data quality assessments, data migration reviews, and full system implementation mirror reviews. • Led multiple teams across multi-disciplinary engagements.• Senior stakeholders and audit committee attendance.• Utilised multiple skill sets, including commercial, project and program management, financial, data science, internal and external audit, risk management, change and people management, business acumen, corporate law, and governance.• Worked across several industries, including public sector, entertainment, Insurance, and banking.• Achieved annual sales targets

The nature of this company is that of software development house, developing custom and off the shelf software.• Authored and led team on software design and implementation and integration into banking industry..• Key skills - JAVA, SQL, HTML, UML