MEET OUR LEADERSHIP TEAM

Garran is the Country Market Lead for Protiviti Australia. In this role, Garran’s focus is on driving the Australian practice forward and building a firm that helps our clients face the future with confidence.

He has over 25 years of internal audit and risk management experience in the mining, corporate and government sectors. Garran is a key member of the firm’s Global Mining, Energy and Utilities group providing extensive experience on large global projects.

As a founding director of Protiviti Australia at its formation in 2004, Garran has held various leadership roles in the firm prior to his current responsibilities. Previously, he was with Arthur Andersen and Ernst & Young.

Major Projects

• Department of Education and Training (DET): Garran leads our Internal Audit services for the DET, including reviews of audit frameworks, schools, grants and financial controls.
• Department of Education and Early Childhood Development (DEECD): Garran leads our Internal Audit services for the DEECD, including the 2010 and 2012 Quality Assurance Framework Model Review for the DEECD’s International Education Division
• Department of Health and Human Services (DHHS): Garran leads the Protiviti team that has for five years played the key role in reviewing data integrity models within the Victorian public health system. This has involved leading audits of over 40 health service providers, meetings with the Minister and advice on future direction particularly around elective surgery, outpatients and emergency departments
• Higher Education and Skills Group (HESG): Garran leads the Protiviti team as an established partner with the HESG at DET and provides policy advice on how to mitigate emerging risks through amendments to the funding model and how VET market activity affects student learning outcomes and pathways to further education
• Eastern Health: Garran leads our Internal Audit services for Eastern Health, including reviews of data integrity, IT infrastructure, workforce development, management of capital projects, performance counselling and discipline and other financial controls

Areas of Expertise

• Internal Audit and Financial Advisory
• Risk Management
• Government
• Mining and Resources
• Internal Audit and Financial Advisory
• Risk Management

Industry Experience

• Mining
• Energy & Utilities
• Government
• Health

Education

• Bachelor of Commerce, The University of Melbourne

Professional Memberships & Certifications

• Chartered Accountant
• Certified Internal Auditor
• Certified Quality Assessor
• Certified Risk Assessor
• Member, Institute of Internal Auditors (IIA)

E-mail

Ewen is a Managing Director and the Office Lead of Protiviti Sydney, working with clients in the UK, Australia, and USA. Ewen is highly experienced across multiple IT platforms as well as business engagement of IT systems. Having worked across a full spectrum of IT related issues, Ewen’s business knowledge and experience across a number of industries has exposed him to a diverse range of IT related issues. Specialising in programme/project management roles that have focused on process and technology change, Ewen has worked on a number of software development projects utilising both new and traditional development methodologies. Ewen is a Certified Information Systems Auditor and a PRINCE2 Practitioner.

Major Projects

• Advised projects on technology and security risks at a large Australian financial services institution. Ewen’s work included performing technology risk assessments and advising on appropriate controls. A number of the projects involve outsourcing and offshoring, requiring consideration of the risks inherent in these types of arrangements, as well as potential APRA notification/consultation.
• Led the pre-implementation review of an ERP system for a global client, identifying key considerations for remediation prior to completion of the project.
• Led Protiviti’s IT audit work at an Australian medical insurer including performance of an IT assessment to identify audit themes. Audits included application development, reinsurance, IT operations and information security.
• Reviewed the Project Management and Agile development practices in place at an outsourced developer of digital TV equipment software for a major UK broadcaster, presented findings and recommendations for improvement to the broadcaster’s steering committee and programme management.
• Led the programme management of a troubled IT controls remediation programme at a major global insurance company and successfully implemented changes.
• Defined the organisational structure and governance model to support the delivery of the Commercial Development & IT Programme for a global hospitality company, including defining the structure and functions of the PMO, and the communication and governance processes.
• Assisted a team that delivered an End User Application Controls project at a major global investment and retail bank, providing subject matter expertise to the client’s senior level personnel and steering groups.

Areas of Expertise

• Program/Project Management
• Project Audit/Assurance
• IT Risk Management
• IT Governance

Industry Expertise

• Insurance
• Retail Banking
• Investment Banking
• Energy Trading
• Real Estate

Education

• MEng, University of Surrey, UK

Professional Memberships & Certifications

• ISACA, Certified Information Systems Auditor
• PRINCE2 Practitioner

E-mail

Steve is a Managing Director and the Office Lead of Protiviti Canberra, and has almost 30 years’ experience, providing assurance services to a significant number of organisations, including major national companies and to major government agencies. Steve has performed and been responsible for many internal audits, IT audits and other consultancy assignments for a wide range of public sector agencies.

Major Projects

• Assurance and audit service delivery: Steve led the co-source internal audit service provision to the Department of Defence Audit and Fraud Control Division (AFCD) from October 2008 to December 2017. Steve was the Lead Partner of this service and was involved in conducting a range of audit projects that were assigned from the Audit Work Program linked to Defence’s Strategic Risk Assessment, and several Senior Management directed tasks.
• Assurance and audit service delivery: Steve led assurance and audit service delivery to IP Australia from October 2013 – December 2017 and was responsible for key assurance projects including reviews of operational, financial, ICT, cyber and program areas across the entire organisation as well as the completion of a range of management initiated tasks.
• Assurance and audit service delivery: Steve led assurance and audit service delivery to the Department of Environment and Energy as well as agencies within the portfolio including Director of National Parks from January 2015 – December 2017. He was responsible for various assurance assignments such as Performance Reporting and Evaluation Framework Review, Induction and Training Review, Detailed review of the Grant Management of NESP, Product Stewardship Review, Payroll Data Analytic Review, Regulatory Decision Making Review as well as a Review of the Consultation Process for the Commonwealth Marine Reserve.
• Compliance management framework review: Steve was lead partner on a major assignment for DIBP to assess the Compliance Management Framework. The assignment was a complex review of the existing Framework in place with a deliverable of implementing and integrating a contemporary Compliance Management Framework.

Areas of Expertise

• Internal Audit
• Enterprise Wide Risk Management
• Governance, risk and control

Industry Expertise

• Government

Education

• Bachelor of Commerce (Accounting)

Professional Memberships and Certifications

• Charted Accountant, Institute of Charted Accountants in Australia
• Registered Company Auditor
• Member, Institute of Internal Auditors in Australia

E-mail

Mike is a Managing Director and Protiviti’s National Financial Services Lead, and has over 24 years’ experience in governance, risk management and assurance, both in practice and industry.

Mike’s experience has included the design of risk management approaches, the integration of risk into the day-to-day planning and decision making activities of the business and the transformation and operation of risk and internal audit functions to increase their impact and deliver to the demanding expectations of their stakeholders.

Mike’s extensive experience in practice and industry in both Australia and the UK brings unparalleled insights, resulting in the delivery of high quality outcomes for clients.

Major Projects

• Assisted in designing and implementing a framework to support the specific needs of a private equity business and the companies operating within their fund structure. The framework mirrored the business cycle (and the specific aspects of the private equity value chain) and ensured risks were managed at a portfolio and investment level and risk expectations were defined for the operating companies to support the achievement of the investment thesis.
• Advised a major insurance company regarding their approach to operational risk management and the introduction of a technology solution to facilitate and support the process globally. This included supporting development of their strategy for operational risk, the design of the supporting framework (including risk and control assessments, internal/ external losses, key risk indicators and scenarios), the specification and selection of the technology solution and the change management activities required to support its introduction.
• Evaluated risk and assurance frameworks, including assessment, benchmarking and gap analysis activities, for two major Australian banks, to determine their position relative to peers and identify opportunities to improve their maturity. The reviews considered operating structures, roles and responsibilities, frameworks, methods and tools and culture and identified positive opportunities for the risk and internal audit functions to add more value at a reduced cost.
• Led the team in supporting the design and implementation of the operational risk framework of a major Australian Bank to support compliance with the Basel II requirements, including policies and procedures supporting internal loss data, external loss data, risk and control assessments, key risk indicators, self-assessment questionnaires, scenario analysis and capital modelling.
• Led the outsourced internal audit function for a major power generator, establishing and delivering a progressive internal audit plan that focused on key risks.
• Lead relationship manager for the co-source arrangement with a major UK bank responsible for the development of their internal audit activities, including strategy and methodology; audit planning and delivery; negotiation of contractual arrangements; performance management and knowledge sharing/exchange.
• Led the identification and prioritisation of the high risk areas within the retail bank network of an Australian bank including identification of the key controls for the high risk processes and areas of pervasive risk resulting in the development of a web-based self-assessment system, supported by an Oracle database, to support data collection and reporting across the network.
• Assisted in the evaluation, design and implementation of a new operating model for a division of a major Australian Bank to support the growth strategy of the custody business which had $70bn of funds under administration and over 300 staff.

Education

• Bachelor of Science (Physics and Electronics), Reading, UK

Professional Memberships & Certifications

• Chartered Accountant
• Member, Institute of Chartered Accountants in England and Wales
• Member, Institute of Chartered Accountants in Australia

E-mail

Lauren is a Managing Director in the Melbourne office and Protiviti’s Internal Audit and Financial Advisory Solution Lead with over 14 years' experience in governance, risk, and internal controls. Lauren specialises in enhancing organisational capabilities by reducing red tape, successfully delivering solutions across multiple industries including health, higher education, government, consumer products and energy. Lauren has a diverse background having worked across multiple markets and geographies including Australia, the United States and the Middle East.

Lauren has extensive experience working with various stakeholder groups including boards, audit committees, executive management teams and line management staff and has acted as an active member and contributor to the Institute of Internal Auditors since 2014.

Major Projects

• Internal Audit: Lauren works closely with Garran Duncan to manage and execute delivery of the reviews of the data integrity models within the Victorian public health system through the Department of Health and Human Services.
• Internal Audit: Lauren led the Internal Audit, data analytics and controls transformation program at Melbourne Health, including the Royal Melbourne Hospital, North Western Mental Health, Royal District Nursing Services (RDNS) and Rural NorthWest Health.
• Compliance: Lauren was a key contributor on a compliance project for a large disability services provider which examined the duty of care and incident management requirements from a legislative, regulatory and internal process compliance perspective.
• Risk Management: Lauren supported a VAGO review of the Victorian Government Risk Management Framework (VGRMF) which resulted in the 2015 updated version. She also provided assistance to VMIA to update its Risk Management Practice Guide and supporting processes.
• Risk Management: Lauren led the development of risk management fact sheets, tools and templates as well as guidance materials to support the Commonwealth Risk Management Policy for the Department of Finance (Comcover). Additionally, Lauren has provided technical risk management assistance to Comcover’s risk management education programs, including the development and review of content.

Areas of Expertise

• Internal Audit
• Corporate Governance
• Risk Management
• Compliance
• Controls Transformation

Industry Expertise

• Government
• Health & Life Sciences
• Consumer Business

Education

• Master’s in risk management
• Bachelor Commerce / Arts

Professional Memberships and Certifications

• Member, Institute of Internal Auditors

E-mail

Leslie is a Managing Director and Protiviti’s Technology Consulting Solution Lead, specialising in digital and technology strategy as well as transformational change. She has over 25 years experience as a senior executive across consulting, industry and government. She has extensive experience designing and delivering large-scale change initiatives across organisations in Australia, New Zealand, Asia and North America. Leslie has experience across industries including financial services, transport & aviation, utilities & energy, consumer products & retailing and telecommunications, while also being a champion for diversity and inclusion.

Before joining Protiviti, Leslie was a Partner at EY, the CIO for APRA and held senior technology management roles with ANZ Banking Group, Babcock & Brown Limited, Macquarie Group, Mars Inc. and EnergyAustralia. Prior to these, Leslie worked with Accenture in both Sydney and Toronto.

Major Projects

• Australian Energy Distributor: Leslie supported this organisation in developing its Future of Finance roadmap as well as its overall transformation program design in response to the evolving energy market disruption.
• Australian Telecommunications Network Services Provider: Leslie led a process improvement review of its order to activation process.
• Major Australian Airport: Leslie led its managed services business case development, technology cost review and application migration planning, while supporting its data strategy development. Prior to that, Leslie led its technology service management ServiceNow implementation, as well as its cloud services review, technology strategy development and operating model design to underpin Technology’s transformation of its capabilities and underlying infrastructure.
• Regional Food Manufacturer: Leslie facilitated a series of workshops to refine its technology operating model as the organisation prepares for digital transformation.
• Australian Medical Device Manufacturer: Leslie led a team that developed the manufacturing technology strategy and roadmap for its China market entry into medical device manufacturing. She has also supported this organisation with its technology planning workshops.
• State Transport Agency: Leslie supported this organisation in developing its Group IT strategy.
• Major Australian Airport: Leslie conducted a strategic sourcing review of key technology vendors.
• Major Australian Water Utility: Leslie co-led organisation change and training design for this utility’s customer and business experience platform transformation using SAP ISU and S/4 Hana to replace its aging customer / billing platform while helping it become more customer-centric.

Areas of Expertise

• Technology strategy & operations
• Transformational change
• Process improvement

Industry Expertise

• Retail and consumer products
• Telecommunication
• Financial services
• Transport and aviation
• Utilities and energy

Education

• Bachelor of Science in Electrical Engineering (Honours), Queen’s University at Kingston Ontario Canada
• Advanced Business Management Program from the Kellogg School of Management, Northwestern University

E-mail

Mark is a Managing Director and Protiviti’s Risk & Compliance Solution Lead, with over 17 years of risk and regulatory compliance experience in financial services industry. Mark commenced his career as a regulatory supervisor at APRA where he gained invaluable experience in overseeing the ongoing prudential compliance with relevant Prudential Standards and conducting onsite risk management supervisory inspections at APRA regulated institutions.

Mark has spent a significant time in professional services consulting to leading financial services organisations both locally and internationally. Mark has a proven track record delivering deep insights to his clients through leading the design and delivery of contemporary risk management, regulatory compliance and capital management framework solutions.

Major Projects

• Compliance remediation programs: Mark has led many large-scale compliance remediation projects with major and leading Australian banks including the design and delivery of the target state solution and supporting transformation plans. ​
• Risk and Compliance operating model transformation program management: Mark has led multiple client engagements to assist design and develop transformation programs that aim to uplift the risk management framework including implementing an effective three lines of defence operating models to support effective risk and compliance management outcomes. ​
• Chief Risk Officer: Mark has on several occasions been seconded as Chief Risk Officer/Head of Risk to clients for the purpose of leading the day-to-day oversight and execution of risk management and regulatory compliance frameworks. Responsibilities included leading the delivery of board and executive engagement and reporting, line 1 stakeholder engagement and leading management and implementation effort that pertains to a line 2 risk management function. ​
• CPS 220 Risk Management solutions: Mark has led over 35 client engagements assisting in the design, implementation, or independent review of client’s Risk Management Frameworks in accordance with APRA CPS 220 Risk Management requirements (including annual and comprehensive review requirements). ​
• Enterprise Risk Management (ERM) system implementation: Mark has led programme delivery of a regional enterprise risk management solution to a leading global bank. The Programme scope covered the design, piloting and implementation of Risk Control Framework operating model and ERM technology solution across the Australian and New Zealand region. The project delivered an integrated risk and compliance management way of working across the 3 lines of defence including the testing and implementation of technology solution to enable effective implementation.

Areas of Expertise​

• Internal Audit​
• Risk management​
• Regulatory compliance​
• Governance​

Industry Expertise​

• Insurance​
• Asset Management​
• Banking​
• Superannuation

Education

• Bachelor of Business Degree (Banking & Finance), Monash University​

• Honours Degree in the Bachelor of Business (Banking & Finance), Monash University

E-mail

Craig is a Managing Director and Protiviti’s Business Performance Improvement Solution Lead. He has 31 years’ specialised experience in Public Sector Business Advisory and Strategy, Strategic Procurement, Outsourcing and Probity, Organisational Reform and Business Improvement, Portfolio, Program & Project Management, Assurance and Audit and Risk Management.

Major Projects

Department of Defence: ADF Health Services Contract (2017-18). A $6Bn procurement of General Practice and Specialised Health Services, and business-critical ICT systems, including; Invoicing, Billing and Supplier Payment, Rostering and Appointment Management, as well as Health activity record and Report Management. Craig conducted regular quality reviews and audits throughout the life of the project, with particular focus on; procurement performance, ICT requirements and interoperability alignment, risk and governance, and progressive benefits realisation. 

Department of Defence: eHealth System (2015-16): Post Implementation Review (PIR) and Remediation. As Review and Remediation Lead, Craig led the PIR of the Defence eHealth System (DeHS) and the follow-on suite of business improvement remediation initiatives. DeHS was procured as the single-source health record for all permanent and reserve members of the Australian Defence Force (ADF). 

 CASG (DMO) Company ScoreCard (2001-2). Design, development and implementation of Company Scorecard system. An ICT-based Contractor Performance Assessment and Reporting system aimed at enhancing contractor performance monitoring, reporting and feedback to generate improvement and awareness of contractor capability across Defence. 

Department of Defence: Health Service Delivery Improvement Program (HSDIP) (2014-15). As Program Manager, Craig was responsible for providing strategic business advice as well as the planning and delivery of an interrelated suite of six dynamic projects designed to improve the efficiency and effectiveness of Defence's health capability. 

ACT Health System Innovation Program Management Office. Consulting to the Director General ACT Health and the Deputy Director General Innovation, Craig was responsible for the effective design, implementation and on-going management of the ACT Health reform agenda and System Innovation Program. 

Risk Capability Improvement Project (AIR9000 Programme). As Project Manager, Craig was responsible for the development and implementation of the AIR9000 Programme’s risk and opportunity management framework, including; contractor procurement, contract management and administration; establishment and management of the Programme’s integrated Risk Coordination Group (RCG) and maintenance of the risk Program. 

Education

• Advanced Dip Project Management University New England 
• Grad Cert Risk Management Griffith University
• Australian Institute of Project Management – Master Project Director

Professional Memberships & Certifications

• Prince 2 foundations and practitioner

E-mail

David is a Managing Director within the Technology Consulting business, specialising in Technology Transformation, Infrastructure & Cloud Advisory, Technology Governance and Operating Model.

David’s primary focus is to lead the Cloud and Infrastructure Advisory business in Australia, assisting clients with the transformation of their technology environments, defining the future of their technology functions and ensuring the right capabilities are in place to operate efficiently and safely.

David has over 22 years’ experience across a variety of industries and senior IT transformation roles, including: Partner at Deloitte Technology Consulting, Group Infrastructure and Operations Director at Westpac Group, Global CTO of Reckitt Benckiser, Global Director of Architecture and Services at Reckitt Benckiser, APAC Director of Cloud Services at PwC. 

David has a proven track record of implementing major transformational improvements, global infrastructure programs and strategies which have delivered a step change in each of the organisations he has been involved with.

Major Projects

• Technology Operating Model – David has led global teams and multiple client organisations through technology enabled transformation, incorporating new and advanced operating models for which to leverage the latest technology available and to achieve an improvement in delivery capability, risk position and ultimately business value through operating model design and implementation. 
• Technology Governance – David has represented a global FTSE 25 organisation in FDA reviews and has also represented the second largest banking group in APRA and Austrac related reviews, primarily focused on Infrastructure Services & Operations. David has also led multiple client engagements to assist and guide them through regulation and ensuring they achieve the right outcomes and enable change where necessary.
• Technology Strategy & Architecture – David has designed, implemented and advised on Technology Strategy at multiple organisations, in multiple industries across multiple geographies. David has also designed and led the transformation to enable the strategic outcomes through developing the right foundational structure and measures to ensure the transformation is a success and achieves business value whilst reducing operational risk for the organisation and/or clients.

Areas of Specialisation

• Technology Strategy
• Technology Governance
• Technology Regulation
• Technology Operating Model
• Vendor Management
• Negotiation, Collaboration Strategy
• Infrastructure & Cloud Architecture
• Global Program Delivery and Team Leadership

Industry Expertise

• Financial Services
• FMCG
• Government (Australia)
• Manufacturing
• Pharmaceutical 
• Transport
• Telecommunications

Education and Professional Certifications

• HDIP Computer Science
• ITIL Framework V3
• TOGAF v9
• Prince v2

E-mail

Hellen is a Managing Director working across information technology audit, internal audit, and ICT project risk and assurance engagements. Hellen has extensive experience leading and coordinating the delivery of professional risk and assurance services to a wide variety of clients to include Commonwealth departments, local government, financial institutions, universities and the private sector.

Major Projects

Department of Infrastructure, Transport, Regional Development and Communications – IT Audit Services: Hellen leads the delivery of IT audit services for the department. This includes an IT project assurance review for the implementation of a significant system that will support the management of Australian infrastructure projects.

Data Governance and Information Security: Hellen has experience conducting reviews of data governance arrangements and data risk assessments. This include knowledge of better practice framework, Data Management Body of Knowledge. Hellen led a recent review of the (former) Department of Social Services Data Governance arrangements. Hellen has an in-depth understanding of Commonwealth Government information security requirements, to include the Protective Security Policy Framework and Information Security Requirements. Hellen has conducted numerous reviews of information and cyber security across a number of Government agencies, to include the Department of Defence and the Department of Health.

Department of Health – Live Assurance and Internal Audit Services: Hellen is leading the delivery of ‘live assurance’ audit services assisting the department during the rapid implementation of Australian Government COVID-19 Health policy, measures and critical functions. Hellen also leads the delivery of internal audit activities delivered by Protiviti for the department.

Adam is a Managing Director in Protiviti's Melbourne practice and has significant experience in delivering internal audit, investigations and risk related services to a range of multinational organisations. He has also acted a Chief Audit Executive for a range of Australian Stock Exchange listed companies.

He currently serves as Protiviti’s Australian leader of Internal Audit services and is a member of the organisation’s global Internal Audit Leadership. Furthermore, Adam acts as Protiviti’s leader of services to Mining clients where he is a key member of the global Energy and Resources leadership team. 

Adam has led a range of large-scale projects for Australian and multinational organisations across multiple jurisdictions working closely with our global teams across a variety of continents, languages and cultures. He also brings extensive executive management and board level interaction.

Major Projects

State Government of Victoria: Adam lead forensic investigations on behalf of a Victorian Department with respect to funding provided to third parties. These investigations had multiple parties and includes liaison with Victoria Police and VGSO. 

Global Diversified Minerals Company: Adam has led a number of highly involved reviews at Rio Tinto including operations spanning China, Singapore, Hong Kong, Australia, USA, Canada, UK and Belgium following the incarceration of four employees for corrupt practices. 

Global Gold Miner: Adam has conducted multiple investigations with respect to procurement, contracting and conflict of interest at multiple remote site locations. 

Newcrest Mining: Adam led a global assessment of Community Relations activities at locations in Australia, Asia and Africa. As part of this project, Protiviti reviewed a number of community projects to consider fit for purpose, business case analysis, monitoring of spend and achievement of business case outcomes.

Areas of Expertise 

• Internal Audit
• Fraud and Corruption
• Public Sector
• Private Sector

Education 

• Bachelor of Commerce / Business Information Systems

Professional Memberships and Certifications 

• Member, Institute of Chartered Accountants
• Member, Institute of Internal Auditors

E-mail

Ghislaine has over fifteen years of experience in the Professional Services industry. She has undertaken a wide range of business consulting, IT consulting and IT audit assignments during this time. Ghislaine has broad experience across industries and within both the public sector and private sector. She has provided business and IT consulting and IT audit services for a number of international clients and local clients including a number of large private sector clients.

Major Projects

Five Year Strategy: Ghislaine led a consulting engagement to develop the Five Year Strategy for a Superannuation Fund, working with the executive and senior leadership team.

System Implementation Change Assurance: Ghislaine performed a change management review for a Government department’s upcoming system implementation go-live to provide assurance on the approach and activities being undertaken to set themselves up for a successful change deployment.

Capability Vision and Strategy: Ghislaine worked with the People branch executives of a Government agency to define a Capability vision and strategy as part of the start of a multi-year transformation program.

IT Strategy: Ghislaine worked with an Indonesian Bank’s leadership team to develop their IT strategy, defining the future direction of the bank, business requirements and the roadmap to achieve their strategy.

Customer Centric Design: Ghislaine led the customer centric design of the business bank for a key release of this Australian Bank’s transformation program.

Data Governance and Data Quality frameworks: Ghislaine led the design and development of Data Governance and Data Quality frameworks, assessing client’s maturity and providing a pragmatic, yet strategic, roadmap for implementation to uplift maturity.

Melanie is a Managing Director in Protiviti Canberra with over 20 years’ experience in leading business performance improvement excellence in public and private enterprise. Melanie has extensive experience working with organisations in Australia, Asia, Europe and the UK. Melanie specialises in the delivery of whole of business performance improvements through strategy development and execution.

Major Projects

Department of Health: Melanie has provided PPM advisory services to the Mental Health Division. She is focused on providing project and program assurance for the highest priority programs to increase the likelihood of success and mitigate risk.

ACT Emergency Services Agency: Melanie has provided targeted business advisory services and specific business performance improvement guidance across the agency. Melanie has created deep and trusted relationships across ESA and has worked at the strategic and operational level to provide meaningful and applicable advisory services.

ACT Parks and Conservation: Melanie has been the engagement Director on an 8-month engagement with PCS. She led a dedicated team to provide targeted business performance improvement advisory services to the PCS, focused on improving their project and program management practices and streamlining efficiencies.

Management Consulting: Melanie has led the development of capabilities to assist organisations drive improvements to their business performance and deliver strategic objectives through a portfolio management approach.

Management Consulting: Melanie has led the development of capabilities to assist organisations drive improvements to their business performance and deliver strategic objectives through a portfolio management approach.

Sean is a Managing Director in Protiviti’s Technology Consulting practice and has over 15 years of experience in financial services risk management. Sean has worked closely with the banks, Government agencies and insurance companies over the last 13 years in varying external audit, internal audit and other risk and compliance management support capacities. Sean’s recent work includes developing operational risk profiles across banking and insurance product lifecycles.

Major Projects

• Supported the Managing Directors of both Consumer Cards, Unsecured Lending as well as Corporate and Commercial banking for one of Australia’s Big 4 banks in uplifting their operational risk profile across all wholesale and retail products. This involved defining the risk appetite across managed products, identifying key risks and controls across the end-to-end product lifecycle processes, and recommending sustainable control uplift activities.
• Supported the Data and Analytics function of a big 4 bank in uplifting their operational risk profile as well as key controls across their legacy and cloud-based data warehousing environment. This included identifying end-to-end data flows from where the data landed, transformed via ETL (Extract, Transform, Load) processes and consumed via various reporting dashboards (e.g. Tableau, PowerBI, MicroStrategy).
• Supported the remediation of significant control deficiencies within a core banking platform in relation to user access management and reporting governance.
• Led the first line Technology Risk function for one of Australia’s big 4 banks supporting 300+ projects in understanding their internal / external compliance obligations to enable effective and efficient delivery.
• Lead the delivery of a large Australian banks managed service to deliver IT Risk Assessments services across all technology projects, including:
  • Designed, implemented and managed offshore delivery processes; and
  • Managed and oversaw overall service delivery under a managed service.
  • Supported the Asian regulatory requirements definition and understanding of a global private bank’s single customer view solution.
  • Supported a large financial service organisation in developing and executing their strategy to comply with local Customer Data Protection regulatory obligations.
  • Recently led a software company as their CEO which was recognized by Gartner as a global leader in Metadata Management.

Email 

David is a Managing Director and has more than 15 years of experience delivering internal control and internal audit services. He manages the delivery a large-scale business process and internal control assessments for our major ASX listed clients and SME businesses. David brings global experience in finance and operations having managed and delivered projects in Australia, Asia, Africa and the Americas and has specific depth in operational health and safety, which is a fundamental aspect of the industries in which he operates.

Major Projects

Government energy services body – David performed the annual reviews of the consolidated Safety Risk Register. The reviews focused on identifying and classifying emerging safety risks, and defining mitigating practices and controls. As part of assessing the mitigating practices and controls, David has reviewed the risk register, conducted individual meetings with key stakeholders, performed collaborative risk workshops and refined the risk register to reflect revised positions.

Safety Management System and Process Review for Global Coal Miner – David reviewed the effectiveness of work practices established at a portfolio of coal mining operations to perform a gap analysis against Australian standard, companies policies and regulatory safety codes.

Top 5 Global Gold Producer – David delivered risk and internal control reviews across the company’s operations including safety, security and environment across the asset portfolio, inventory, contract management, maintenance of fixed plant and mobile fleet. He also performed operational readiness assessments on two $1 billion project upgrades.

Domestic Copper Producer – David developed and executed the three year Internal Audit Plan focusing on embedding control frameworks into the operational processes, with a specific focus on operational health and safety. He was responsible for preparation and presentation of OH&S reports and submissions to the Executive Committee and the Board Audit Committee.

Chris has over 25 years professional experience assisting organisations improve their business and manage risk associated with major project/ change initiatives. He has held leadership positions in professional associations and was a partner at EY & KPMG.

Major Projects

• Business Change Programs: Chris has provided advice and assurance to Boards and executive management over complex business change programs. He has undertaken such work at Commonwealth Bank, Qantas, Mirvac, Stockland & other corporates.

  He has undertaken numerous IT due diligence reviews across a wide range of industries to inform potential buyers/sellers of the IT capability within the organisation involved.

• IT Risk: Chris has deep expertise in all aspects of IT Risk including risk assessment, security, business continuity, project risk, etc.
• Internal Audit: Has led the risk assessment, internal audit planning and delivery of internal audit assignments. He has extensive experience in relation to the audit of both financial processes and human resource/payroll processes including a detailed understanding of better practices, benchmarks, etc. He recently led assignments of this nature for a major Australian listed corporate entity.
• External Audit: Has external audit experience at large Australian corporate organisations e.g. Fairfax and for SOX filers.
• Government: Chris has led Independent Advisor roles for a number of major procurements within NSW Government involving the selection, procurement and implementation of new business systems and shared services. He has also undertaken Gateway reviews for the NSW Education, Health and Transport agencies. He is an accredited NSW Government Gateway project reviewer.
  
  He has led work for many large internal audit clients including AUSTRAC, NSW Department of Family and Community Services and previously for NSW Department of Ageing, Disability & Home Care. He also has previous experience working for the federal government.
• Financial Services: Chris has extensive experience in financial services. He was seconded to the NAB on three separate occasions to lead their global IT Audit function. He led the IT component of a peer review of Westpac’s internal audit function and was subsequently seconded to Westpac to manage the back office (incl. IT) audit team for a period of 4 months. He is currently working at the CBA.
• Education: Chris has considerable experience in the education sector having undertaken assignments in both the public and private school sectors, and for TAFE and Universities.

Areas of Expertise

• Information Technology
• Internal Audit
• Business Risk

Industry Expertise

• Government
• Transport
• Media, Hospitality
• Financial Services 
• Education

Professional Memberships

• Member, Institute of Internal Auditors
• Past Member, Institute of Chartered Accountants in Australia
• Past Member of the Australian Computer Society
• Past Member of the Information Systems and Control Association

Education

• Chartered Accountant
• Bachelor of Commerce (Accounting & Information Systems), UNSW

E-mail

Rana is a commercially focused and highly driven risk professional specialising in multi-channel complex solution consulting to the financial services sector in APAC. A long career in relationship management at the institutional banking level interacting with global clients in several industry verticals including Oil and Gas, Commodity Trading, Natural Resources and Financial Institutions provides for a deep understanding of the challenges faced by them in the risk, compliance and CDD space. More recently, fully immersive experiences in technology led regulatory compliant onboarding solutions have led to the implementation of numerous market changing programs revolutionising the KYC/AML/CDD space in APAC.

Major Projects

• Responsible for KYC Manged Service , evaluated several vendors in the data, CLM, Screening and digital automation sphere. The managed service was a global Utility with some of the world's largest banks as customers
• Lead the initial design and development of a corporate KYC Utility for Singapore (1.0) and incubated discussions in Hong Kong and Australia
• Developed and owned solution partners relationships with consulting firms and technology partners to evaluate, design and implementing enhancements to AML/CDD for the APAC region
• Identified, lead and delivered a number of consulting engagements as part of the KYC Managed Service and Client Onboarding Platform sales (GoldTier) from work estimation, resource allocation to contract negotiation and deal closure
• Co-authored an Asset Management KYC/Onboarding whitepaper highlight pain points and suggesting potential solutions
• Financial Markets onboarding improvement program : process automation combining credit and compliance
• AI and Machine learning solution sales/partnership in name screening with some of the largest global and regional banks
• Proposition development by evaluating and implementing data , technology , operations and L&D programs for outsourced managed service
• Australian Bank risk process mapping , heat map development and mitigation strategies for both credit and AML/TF risk

Market Development

• Developed and ran serval webinars on client onboarding , KYC and screening with Trade associations and industry bodies
• Conducted workshops with HKCC, ASIFMA and Refinitiv on future of onboarding, Regtech and blockchain in KYC
• Conducted panel discussions across Singapore, HK and Australia on KYC, Onboarding and Regtech
• Regtech ecosystem development strategy for APAC at Refinitiv including a market education framework
• Partnered with various government bodies and law enforcement to further the fight against financial crime
• Founding member of SCAN – Compliance Association & Network of Singapore