Partner – Risk Consulting
Internal Audit, Technology and Operational Risk Management, Governance, Risk and Compliance Transformation
Kevin works collaboratively with Boards and C-suite executives to optimise their processes and controls to better manage risk, enhance compliance, achieve their strategic objectives, and deliver real value to their customers and stakeholders.
He brings 30 years’ experience in enterprise and technology risk management working with major clients across both public and private sectors in Australia, USA and Europe. His engagements have included planning and delivering outsourced and co-sourced enterprise-wide internal audit programs over financial, operational and technology/cybersecurity risks, providing assurance over risks and controls impacting the success of major operational and technology programs and projects, and assessing and implementing large-scale governance, risk and compliance (GRC) transformation programs across people, processes and systems. Most recently, Kevin’s focus has been helping clients to adopt artificial intelligence (AI) in a responsible manner.
Kevin has worked across a diverse range of industries including government, financial services, retail, transport, telecommunications, mining, energy, agriculture, for purpose and health care sectors. In addition to consulting, Kevin has spent over 10 years in industry roles, most notably with the Brisbane City Council (BCC), Australia’s largest local government serving over two million residents with over $3b in turnover and $22b in assets. During his time with BCC, Kevin served in a range of senior executive roles across customer services, finance, strategy, internal audit and shared services.
He is a Chartered Accountant, a Certified Information Systems Auditor and a member of the Institute of Internal Auditors. Kevin is a Past President and current Director of the Information Systems Audit and Control Association (ISACA) Brisbane Chapter and has also served on several ISACA global committees and working groups. He also sits on the board of several for-purpose entities including Logan Together, Loreto College and Villa Nova College. Kevin has written several articles and addressed audiences in Australia and overseas, as a guest university lecturer and speaker at client and industry forums on various financial, operational and technology risk management and assurance topics.
Experience
- Internal Audit – involving outsourced and co-sourced planning and delivery of multi-year, enterprise-wide internal audit programs covering financial, operational and technology risks and controls.
- Governance, Risk and Compliance (GRC) transformation – including the review, assessment, procurement and implementation of GRC transformation programs across people (operating models), processes, data and systems.
- Technology and cybersecurity reviews – assessment of clients’ processes and controls to mitigate risks related to technology and cybersecurity risks including the responsible adoption of AI.
- Regulatory compliance – independent assessment of the design and/or operation of clients’ controls with regulatory compliance obligations and leading practice standards such as ISO-31000 (Risk Management), ISO-27001 (Information Security Management), Privacy Laws, and Australian Prudential Regulation Authority (APRA) standards and guidance.
- Program and project assurance – review and challenge of the program and project controls designed and operated to mitigate the key risks to the successful implementation of major organisational programs and projects, including the realisation of targeted business benefits.
Qualifications
- Chartered Accountant (including holding a Certificate of Public Practice)
- Certified Information Systems Auditor
- Member of the Institute of Internal Auditors
- Member, Past President and current Brisbane Chapter Board Member of ISACA
- Bachelor of Commerce, University of Queensland
- Dr John Yu Fellow in Cultural Leadership, University of Sydney
