Founder & Director at Risk IT Advisory Services (2023-11 – Present)
Founder & Director of Ara Blu Enterprises Pty Ltd t/a Risk IT Advisory Services and Health IT Services (Pty) Ltd. Full-time from November 2023. Previously part-time from January 2016 to October 2023 with limited services due to trade restrictions.
- Identify and pursue business opportunities; lead client engagement planning and scoping; and develop commercially viable project budgets and delivery plans
- Structure fractional retainer models or custom agreements for virtual leadership roles including Information Security Officer, Chief Information Officer, Chief Technology Officer, IT Digital Transformation Officer/Director, IT Audit Director, and IT Audit Readiness Officer
- Co-source with Internal Audit or Internal Controls
- Lead and execute internal and external audit-aligned testing
- Manage and mentor IT audit teams; review and approve IT audit work as IT Audit Management
- Assess and enhance IT general controls (including SAP Basis), IT governance, SOX compliance, and application controls
- Conduct comprehensive IT cyber/security assessments and third-party IT risk management reviews
- Oversee IT project governance and data analytics testing
- Develop and review IT policies and documentation
- Perform IT due diligence and compliance assessments including POPI Act reviews, NIST and ISO readiness and effectiveness assessments, and PCI DSS readiness assessments
- Collaborate with clients to analyse current ('as-is') business processes and recommend optimized ('to-be') solutions
- Transform manual or inefficient processes into effective digital solutions addressing IT, operational, and financial risks
- Design and implement end-to-end custom solutions including hardware and software requirements analysis, programming and scripting, integration across server/desktop/mobile environments, quality assurance, solution setup and installations, and training/support/ongoing maintenance
Consultant (Various Contract Roles) at Risk IT Advisory Services (2016-01 – 2023-10)
Completed multiple outsourced roles and independent reviews delivering solutions across various sectors.
- Senior IT SOX Lead for an International Nasdaq listed entity (ongoing contract role)
- Digital Transformation: Subject Matter Expert – Audit delivering a project for an International Fortune 500 Tier 1 company
- Senior IT Audit Manager – Projects for previously listed JSE and Nasdaq entity
- IT Due Diligence Review for a top Retail brand in South Africa (in top 5)
- Medical practice front office and clinic process digitization replacing manual processes and paper documentation/flow for patient management. Vanilla in production since 2021 and continuously enhanced. New enhanced version rolled out to new client in 2025
- Veterinary practise digitization replacing manual hospital cards and processes. In production since 2020 with new rollout version since 2022 and continuously enhanced
- Automation of gene sequencing process for medical research reducing weeks of manual work into results in minutes. Once off development in 2022 with exploration of license for research use
Senior Audit Manager – Digital Transformation at Massmart + Walmart (2022-04 – 2023-10)
Senior Audit Manager focusing on Digital Transformation initiatives for Massmart Internal Audit Services and Walmart Global Audit Services.
- Hands-on with coding / software development, e.g. SQL scripting, Python development
- Guidance on IT requirements, assisting with translation of business requirements into technical requirements
- Guidance on the design and functionality of the solution
- Management of Big Data and related analytics for Digitization
- Engagement with Massmart IT and vendor on requirements
- Engagement with business on solution integration/impact
- SAP Basis Automation (requirements and quality review)
- Identification of automation opportunity in current audit testing
IT Audit Manager at Massmart + Walmart (2011-09 – 2022-03)
IT Audit Manager for Massmart Internal Audit Services and Walmart Global Audit Services, responsible for IT audit execution, team management, and various audit activities.
- Reached the significant milestone of 100% reliance by External Audit of all IT General controls testing done by Internal Audit IT team
- Designed and managed the implementation the first of its kind Custom Audit Automation solution within Retail Internal Audit introducing time and cost efficiencies. At proof of concept the system saved 80% of resource time on Audits executed through the new solution
- Subject matter expert for number of areas, for example, IT project assurance, IT security, etc, within Massmart Internal Audit and Global Audit
- Leadership and team management including coaching, individual and team monitoring against deliverables, and monitoring of budgets and time
- Conduct Annual and continuous Audit Risk Assessment
- Formulation of the Annual Audit Plan based on the Risk Assessment
- Execution and review of IT Audit work, including reporting
- Present IT related findings to all levels of management
- Attend business meetings, e.g. project executive steering, risk committee, etc
- Maintaining and building positive business relationships
- Provide advice and assessing controls in IT General Controls execution and review, IT Security (Windows reviews, SAP Basis, E-commerce, NIST, CSI benchmarks, etc), Application controls review, Integrated audits (finance, operations and support), IT project assurance reviews, IT Third Party Reviews (SOC2 reports, ISO27001 reliance reviews, etc), Business process reviews, and General IT Advisory
IT Audit Specialist at Massmart + Walmart (2009-03 – 2011-08)
IT Audit Specialist contributing to various audit initiatives and digitization efforts within Massmart Internal Audit.
- Involved in the Audit Digitization which includes development and ownership of Audit Digit Strategy and defined roadmap
- Product/Business Owner of Audit RPA solution
- In-house development and support
Junior to Senior Consultant at Deloitte (2006-03 – 2009-02)
Consulted on IT audits and reviews for various clients. Promoted from Consultant to Senior Consultant in six months. Managed mini client portfolio including largest external IT audit client at the time.
- Promotion from Consultant to Senior Consultant in six months
- Fulfilled and delivered according to the role of a Manager on several clients
- Completion of numerous IT External Audits supporting company financial statements
- Personal experience in many crown jewel clients e.g. Transnet, Illovo Sugar, Nedbank, thus the knowledge of key systems in the market, i.e. SAP, Windows, Linux
- Management of mini client portfolio (thus responsibilities include that of a manager) including that of the largest external IT audit client (at the time)
- Planning, scoping and budgeting of client work
- Supervision and review of work of consultants and juniors
- Execution of IT audits and reviews
- General computer reviews (GCR) and application controls review (ACR)
- Pre- and post-implementation system reviews
- Information security reviews across different platforms, i.e. Unix, Windows, AS400, Novell
- Audit on major ERP systems, i.e. SAP, JDE, significantly large customised systems
- SAP Basis reviews
- Meetings with major clients discussing planning and findings during review
- Consolidation of audit activities and issues into report
