About

Welcome to ISACA Melbourne Chapter!

As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.  Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

ISACA has more than 200 chapters established in over 180 countries worldwide providing members education, resource sharing, advocacy, professional networking and a host of other benefits on a local level. 

ISACA Melbourne Chapter was established in 1980 and has over 1,000 members.

Our Melbourne Chapter provides monthly professional development sessions, training on our frameworks and study/ review sessions for all our four core certification exams, and helps to further promote and elevate the visibility of the IS audit, control and security profession throughout the Melbourne area.

This chapter is run by volunteers who are ISACA members elected at the Chapter's Annual General Meeting (AGM).  The Chapter highly encourages its member to actively participate and volunteer to the chapter.

President


John O’Driscoll

John O’Driscoll is Victoria's first Whole of Government Chief Information Security Officer. He was appointed to the role in October 2017, where he created and leads the Cyber Safety Unit within DPC. His team’s mission is to create a “Cyber Safe Victoria”, and deliver Victoria’s Cyber Security Strategy to assess, monitor and respond to cyber security risks, as well as engaging with the government departments, interstate counterparts, Commonwealth and private sector experts to deliver a resilient and cohesive cyber security environment.

John has over 30 years’ experience in information technology, with a focus on cyber security in financial services and the public sector. He was previously the Senior Manager, Information and Technology Risk at ANZ. He has a keen interest in growing and promoting cyber skills and has lectured in IT Risk and Security related topics at tertiary institutions including Swinburne, RMIT, Deakin and UTS universities.
John is a Board member for the ISACA Melbourne Chapter, Melbourne JCSC (Joint Cyber Security Centre), and University of Melbourne Academic Centre for Cyber Security Excellence. John is also a recently appointed Fellow of the Australian Information Security Association (AISA).


Vice President


Wayne Tufek

As a Director of CyberRisk, Wayne works with a diverse number of clients from national household brands to small businesses, providing advice on how to secure their information and information systems and how to manage their risk effectively. Before CyberRisk, he formulated pragmatic business-driven strategies to establish, execute and improve cyber risk management in ASX listed companies and some of Australia’s largest organisations across the public sector, Big 4, financial services, consumer products, education, and retail sectors. Wayne brings practical hands-on experience leading security functions and successfully uplifting security maturity and capability, all the while managing budgets, resource constraints, and stakeholder expectations. He is frequently asked to present at security conferences and events in Australia and internationally, including the Australian Cyber Security Centre Conference, AusCERT, RSA APJ, ISC2 Security Congress, AISA, SACON, and CeBit.

Secretary


Steven Kintakas

Steven is a cyber security professional with a career spanning two decades, and experience across various industries including finance, energy & utilities, resources, transport, manufacturing, health, education, and technology-media & telecommunications. 
A Director at Deloitte within the Risk Advisory division’s Cyber & Strategic Risk practice, and a Senior Security Architect practitioner, Steven has also held technical, generalist, and leadership roles at Computer Associates, CGI, Fujitsu, Dimension Data, and Zimbani. 
Pragmatic in his approach to cyber and information security, Steven is a confident and thorough cyber leader in building trust and managing relationships. In his dedication for providing outcome-based value to manage risk effectively, Steven has previously held positions in the vendor, integrator, consulting, and service provider space including security architecture & strategy, managed services, incident response, and technical solutions & controls. 
A Deakin University alumnus, Steven’s post-nominals include CISSP, CCSP, SABSA SCF, and CDPSE. 

Treasurer




Trisha Lee

Trisha combines good business acumen, leadership and influencing skills with extensive experience in leading large teams and advising large organisations, primarily in the financial services sector, on their business, data, information and technology related governance, operational and compliance risks and controls needs, as well as internal audit and regulatory compliance requirements. Possessing excellent management, communication and interpersonal skills, Trisha works comfortably with all levels of executive, management and staff.

 

Trisha has over 20 years of operational and compliance risk experience as she has worked in PricewaterhouseCoopers, Ernst & Young and the ANZ Bank.  She is currently the Head of Data Risk & Compliance within Enterprise Data Governance, Digital Banking at the ANZ Bank.







Research Director


Mike Trovato

As an outcome-oriented, internationally recognised cyber security, privacy, risk, and technology leader, Mike has served in board and executive roles to balance risk, investment, and compliance to protect value, brand, and reputation while driving innovation. He also invests in and qualifies innovative privacy and cyber security solutions. He is specialised in Financial Services, Government, Energy, Information, Communications, and Media Industries.

Currently he is Information Integrity Solutions, Managing Director; and Internal Consulting Group (ICG), Global Practice Leader Cyber Security. Former roles include EY Cyber Security Asia Pacific, Oceania, and FSO Practice Lead Partner; NAB Group, GM Technology Risk and Security; KPMG, Northeast US Partner Information Risk Management; Salomon Brothers, Senior Internal Auditor; and MasterCard International, Principal, Program Omni.

He is an AISA Board Director, an ISACA Melbourne Chapter Board Director, a Member of the National Standing Committee on Digital Trade and a Museum of Modern Art Heide Foundation Board Member.

Post-nominals: Certified Information Systems Manager (CISM); Certified Data Privacy Solutions Engineering (CDPSE), Certified Information Systems Auditor (CISA); Graduate, Australian Institute of Company Directors (GAICD), Member Australian Information Security Association (MAISA), ICG Accredited Professional (ICGAP).

Professional Development Director


Suzanne Dyke


Suzi is a security, governance and risk specialist with over 25 years’ experience. She has worked in IT, Standards, Risk and Security, with a focus on delivering business value, aligning governance to business strategy and managing risk.


A strong advocate of Cyber Awareness, having delivered an award winning, global, enterprise security training program for Telstra, she has presented at All Day DevOps and is a founding member of the Melbourne DevSecOps Day Organising Committee

Suzi is on the board of Moreland Community Gardens and is the ISACA Melbourne Chapter Professional Development Director
 
Post-nominals: Certified Information Systems Manager (CISM); Certified Risk & Information Systems Control (CRISC); Certified in the Governance of Enterprise IT (CGEIT); Certified Expert in IT Service Management (ITIL)


Certifications Director



Bharat Bajaj


Bharat is an enthusiastic risk professional with 15 years of Governance Risk and Compliance experience. Bharat has Bachelor in Information Technology and multiple industry certification including ISACA CRISC, CISM and CDPSE certification. Bharat is passionate about protecting privacy and take special interest discussing technical and business controls to mitigate data risks.
Bharat is Certification Director for ISACA Melbourne and a strong advocate for the ISACA certifications. Bharat is an accredited trainer and enjoy educating risks, controls, information security and privacy related subjects.
Working in financial industry for 15 years, Bharat has design and implement controls using Cobit, PCI DSS, CPS234, GDPR, APP, NIST and ISO27001 standards and frameworks.

Membership Director


Omar Alarcon


Omar is an audit, governance, risk and compliance specialist with over 20 years of experience across different industries, including telecommunications, education, transport, energy and oil, finance and insurance, as well as public service. 
Currently serving as a Senior Auditor in Australian Unity, Omar has previously served in technical and leadership roles in Telstra, Public Transport Victoria, PwC, and the National Disability Insurance Agency (NDIA). 
In those roles, Omar has always promoted the added value that GRC initiatives can provide to business areas and is passionate about building relationships with internal and external stakeholders. As a complement to the technical areas, Omar is preparing an initiative on LinkedIn called “#BeKind” aiming to raise awareness about kindness in the workplace. 
Omar is also passionate about running, having completed a number of Half Marathons in Melbourne during the last few years. His post-nominals include CRISC, CISM, CISA, CDPSE, ITIL and ISO 27001. 




Marketing & Communications Director


Zahir Ali Quettawala

Based in Melbourne, Australia, Zahir, is an experienced ICT professional specializing in cybersecurity, technology, and risk advisory services. He has more than 23 years’ experience delivering a wide range of business and IT projects, ranging from strategy development through to system implementations across Australia and Asia.
Zahir often works with the C-suite and senior management where he helps them understand the cyber threats and risks that impact their business and the strategic activities required to manage these risks. He also works with technical teams to help them understand the security vulnerabilities and technical security gaps in their organisations’ systems and processes, and the remediation activities required to address them. 
He is currently working with PWC as Manager, Trust and Risk. In addition, he serves as Honorary Industry Professor with Deakin University and as an accredited trainer with ISACA Australia and US Chapters and has delivered various information` security trainings and cybersecurity boot camps across many organisations, insititutes and universities. Zahir holds industry certifications including the: CISA, CISM, CRISC, CDPSE. 

Diversity Director


Reshma Devi

Reshma is an experienced Data, Security and Technology Risk specialist.
She has a Masters in Information Technology and loves anything that involves Data. With over 20 years’ experience in Banking and Financial sector in Australia and New Zealand, Reshma is very passionate about Data Security and emerging data challenges.
Reshma is the Diversity Director for ISACA Melbourne. She is also the Ambassador for ISACA’s SheLeadsTech and previous Coordinator for SheLeadsTech Melbourne. Reshma is the Women in Leadership Program Lead at Australian Women in Security Network (AWSN) and the AWSN Chapter Lead for Melbourne.
Reshma was the finalist in Women in Security Awards in 2020 for People’s Choice Award in IT Security, and was also nominated for Best Student Security Leader, AWSN Award for 2020, Australia’s most outstanding Women in Protective Security/Resilience and The One to Watch. In 2021, she has been nominated for the Best Volunteer for Women in Security Awards.
Reshma supports women transitioning between careers and is passionate about helping students with mentoring and guiding careers in Technology and STEM. Her passion has led her into assisting women in leadership roles and working on many women led initiatives.