Welcome to ISACA Melbourne Chapter

As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.  Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

ISACA has more than 200 chapters established in over 180 countries worldwide providing members education, resource sharing, advocacy, professional networking and a host of other benefits on a local level. 

ISACA Melbourne Chapter was established in 1980 and has over 1,000 members.

Our Melbourne Chapter provides monthly professional development sessions, training on our frameworks and study/ review sessions for all our four core certification exams, and helps to further promote and elevate the visibility of the IS audit, control and security profession throughout the Melbourne area.

This chapter is run by volunteers who are ISACA members elected at the Chapter's Annual General Meeting (AGM).  The Chapter highly encourages its member to actively participate and volunteer to the chapter.

Chapter Leaders

President


Wayne Tufek

As a Director of CyberRisk, Wayne works with a diverse number of clients from national household brands to small businesses, providing advice on how to secure their information and information systems and how to manage their risk effectively. Before CyberRisk, he formulated pragmatic business-driven strategies to establish, execute and improve cyber risk management in ASX listed companies and some of Australia’s largest organisations across the public sector, Big 4, financial services, consumer products, education, and retail sectors. Wayne brings practical hands-on experience leading security functions and successfully uplifting security maturity and capability, all the while managing budgets, resource constraints, and stakeholder expectations. He is frequently asked to present at security conferences and events in Australia and internationally, including the Australian Cyber Security Centre Conference, AusCERT, RSA APJ, ISC2 Security Congress, AISA, SACON, and CeBit.

Vice President


Suzanne Murray

 
Suzi is a security, governance and risk specialist with over 25 years’ experience. Suzi has worked in IT, Standards, Risk, Service Management and Security, with a focus on delivering business value, aligning governance to business strategy and managing risk. A strong advocate of Cyber Awareness, having delivered an award winning, global, enterprise security training program for Telstra, she has presented at All Day DevOps and is a founding member of the Melbourne DevSecOps Day Organising Committee. Suzi is on the board of Moreland Community Gardens and is the ISACA Melbourne Chapter Vice President.  

Post-nominals: Certified Information Systems Manager (CISM); Certified Risk & Information Systems Control (CRISC); Certified in the Governance of Enterprise IT (CGEIT); Certified Expert in IT Service Management (ITIL) V4 



Secretary


Steven Kintakas

Steven is a cyber security professional with a career spanning over 22 years of experience across a range of industries including finance, energy & utilities, resources, transport, manufacturing, government, health, education, and telecommunications. 

Practice Lead of security architects at Astralas, Steven is a practitioner and leader focused on building trust. In providing business-driven and outcome-based value to manage risk effectively, Steven has contributed to the improvement of cyber risk management across many ASX-listed companies and some of Australia's largest organisations in fields such as security architecture & strategy, governance risk & compliance, managed services, incident response, research and development, and technical solutions and controls. 

Previously a Director and sector leader within Deloitte Australia's Cyber practice, he has also held various leadership and technical positions at Computer Associates, CGI, Fujitsu Australia, Dimension Data, and Zimbani. Steven frequently presents at security conferences and events in Australia and internationally, including at the AISA national Australian Cyber Conference, and the COSAC Security Conference in Ireland and APAC. 

A Deakin University alumnus, Steven’s post-nominals include CISM, CDPSE, CISSP, CCSP, and SABSA SCF.

Treasurer

Trisha Lee

Trisha combines good business acumen, leadership and influencing skills with extensive experience in leading large teams and advising large organisations, primarily in the financial services sector, on their business, data, information and technology related governance, operational and compliance risks and controls needs, as well as internal audit and regulatory compliance requirements. Possessing excellent management, communication and interpersonal skills, Trisha works comfortably with all levels of executive, management and staff.

 

Trisha has over 20 years of operational and compliance risk experience as she has worked in PricewaterhouseCoopers, Ernst & Young and the ANZ Bank.  She is currently the Head of Data Risk & Compliance within Enterprise Data Governance, Digital Banking at the ANZ Bank.

Immediate Past President

John O’Driscoll

John O’Driscoll is a pragmatic cyber security, operational risk management, and audit professional. He has over 35 years experience in IT governance, risk and compliance across a range of financial services and superannuation organisations (ANZ, CBA, NAB, AMP, Perpetual), insurance, public sector and utility companies 

 

John was appointed to a new role as Head of Risk Technology and Security, at Medibank in mid 2024. Prior to this John served as Victoria's first Chief Information Security Officer (CISO) for 6 years after his appointment in October 2017. He led the development and delivery of Victoria’s Cyber Security Strategy to assess, monitor and respond to cyber security risks, as well as engaging with the government departments, interstate counterparts, Commonwealth and private sector experts to deliver a resilient and cohesive cyber security capability 

 

John has a keen interest in growing and promoting cyber skills. John assists RMIT as a Cyber Security Industry Expert and helps deliver targeted domestic and international cyber skills programs. He has also lectured in IT Risk and Security related topics at tertiary institutions including Swinburne, RMIT, Melbourne University, Deakin, and UTS. 

John was a member and inaugural co-chair of the Australian National Cyber Security Committee, Melbourne JCSC (Joint Cyber Security Centre), RMIT Cyber Industry Advisory Board, and University of Melbourne Academic Centre for Cyber Security Excellence. John has been a board member for the ISACA Melbourne Chapter since 2014, and is a recipient of ISACA’s Tony Hayes Award which recognises outstanding leadership and commitment to the IT Governance profession within the Oceania Region.  John currently holds the ISACA CISA, CISM and CGEIT certifications, and is an inaugural Fellow of the Australian Information Security Association (FAISA). 




Research Director

Reshma Devi

Reshma is an experienced Risk Leader in Data and AI, Security, and Technology. She holds a Master’s in Information Technology, is a Certified Data Privacy Solutions Engineer (CDPSE), and a Certified DCAM Professional. With a passion for AI and emerging technologies, Reshma has over 20 years of experience working in Australia and New Zealand, with a strong focus on Data and AI, Security, and emerging challenges.
Reshma serves as a Board Member and Research Director at ISACA Melbourne, and previously as a Diversity Director, overseeing OneInTech and SheLeadsTech. She was also ISACA’s CDPSE Manual Subject Matter Expert Reviewer. She regularly contributes to blogs, podcasts, and magazines. She chairs the Advisory Board for other non-profit organisations and is a Board Member at Lutheran Education. Reshma regularly speaks at industry conferences and panels on topics such as responsible AI, data governance, and women in leadership. Her work has contributed to shaping policy discussions around responsible AI and digital trust in Australia and New Zealand. She is also involved in academic collaborations, contributing to research on AI ethics and data resilience.
Reshma is a Certified Practitioner and a Self-awareness Leadership Coach. Her passion for leadership has driven her to assist women in leadership roles and work on numerous women-led initiatives. She mentors emerging leaders and actively supports career transitions moving from middle management to executive roles. Her main focus areas are self-awareness, integrity, and effectiveness, which she believes are crucial for enhancing individual performance, influence, and leadership abilities.

Membership Director


Wayne Rodrigues


Wayne Rodrigues is a seasoned cybersecurity architect with over a decade of experience in aligning security strategy with business outcomes. As a Security Architecture Practice Lead, his career has spanned technical security engineering, governance, and architecture.
Wayne holds a wide portfolio of industry certifications, including CISSP, CISM and SABSA SCF, and is a passionate advocate for knowledge-sharing and mentorship. His dedication to the industry was recently recognised with a nomination for the "Champion of Change" award at the Australian Women in Security Awards 2025.
Whether securing enterprises, researching emerging technologies, or collaborating with other security industry professionals, Wayne's goal is clear: to build a more secure and resilient world, which is impactful, sustainable and inclusive.
 

Certifications Director


Don Tibbits


Don has more than 20 years' experience as an information system and security manager and IT managed service provider (MSP). Previously he worked for many years in hospitality and has broad experience in a range of industries. He has travelled widely, living overseas for several years and has lived and worked in a remote Aboriginal community.

The business Don owns and runs provides services to small and medium enterprises (SMEs). The company’s activities are increasingly focused on cyber risk management and the growing importance of cyber and information risk governance. Don also offers vCISO services to SMEs and has a particular interest in supply chain cyber risk.

Don holds a Master of Cyber Security degree and multiple professional certifications, including ISACA CISM, CRISC and CISA. He is a member of the Australian Computer Society (ACS) Victoria Branch Executive Committee and the ACS IT Governance Committee. Don is actively engaged as a member of several other professional associations focused on governance, risk management and security, including AICD, AISA, ASIS, auDA, ISC2 and RMIA. He is a past president of SMBiT Professionals Melbourne chapter and served for four years on the association's board.

Don has taught IT-related subjects at Holmesglen and Swinburne University and is an accredited ISACA trainer. He is an ISACA Global Volunteer and Topic Leader for the ISACA Engage Community forums. He is enthusiastic about helping others to achieve professional certification and is currently the Certifications Director of the ISACA Melbourne Chapter.

 

Marketing & Communications Director


Natalie Perez

Natalie Hingco Perez is a seasoned technology risk and assurance professional with over 20 years of experience in consulting and financial services. Her journey with ISACA began as a SheLeadsTech ambassador, where she passionately championed gender diversity in technology. Since then, she has held key leadership roles, including Professional Development Director and currently Marketing Director.

Natalie played a pivotal role in establishing the SheLeadsTech Melbourne initiative, which contributed to the ISACA Melbourne Chapter winning ISACA’s 2022 Most Innovative Chapter Programs Award for Education. Her dedication has been recognised globally and nationally through honors such as one of the five ISACA Outstanding Chapter Leaders (2025), Australian Women in Security Awards Highly Commended Volunteer(2024), the ANZIIF Donna Walker Award for Inspiring Leadership (2023), and being named a finalist in the 2025 Top Women in Security ASEAN Region Awards.

A regular contributor to ISACA global events, including speaking at the 2022 virtual Global Leadership Summit at Illinois USA, Natalie is deeply committed to mentoring women in technology and fostering collaboration across professional networks. She also shares thought leadership on emerging trends, such as how AI is impacting the audit profession, through platforms like LinkedIn, helping professionals navigate the evolving technology landscape.

She holds globally respected certifications, including CISA (Certified Information Systems Auditor) and CRISC (Certified in Risk and Information Systems Control), reflecting her expertise in technology risk and governance. Outside of her professional and volunteer work, Natalie is a devoted mum of four and enjoys staying active through dance, strength training, yin yoga, and reformer Pilates—a testament to her belief in balance and well-being.

Professional Development Director

Bharat Bajaj

Bharat is a highly accomplished Technology Risk leader with two decades of experience navigating the complex landscapes of Artificial Intelligence, Machine Learning, Cybersecurity, and Privacy. I have partnered with three of the "Big Four" Australian banks, spearheading large-scale transformative projects and architecting robust technology risk mitigation strategies that demonstrably safeguard operations, enabling customer objectives. My approach blends deep industry expertise with incisive strategic thinking, consistently delivering tangible business value.

 

Currently at the forefront of financial industry adoption of cutting-edge technologies, Bharat is instrumental in the implementation and governance of Machine Learning, Generative AI, and AI Agentic systems. Bharat’s responsibilities encompass the identification of technology risks and compliance requirements, with the development and implementation of comprehensive controls and guardrails.