Board Nominated Candidates 2024

I. Vice President

George Kisaka

Over seventeen years’ experience across 16 Sub Saharan Africa markets offering Advisory and Assurance services in information security, technology, and digital risk to influence technical and business personnel into actions that safeguard information, applications, systems, infrastructure, and activities. 

Current Placement:

Information Security Governance, Risk & Compliance Specialist – Yellow Card Vice President - ISACA Kenya Chapter

 Role Summary

Develop an information security framework utilizing NIST CSF, ISO 27001 and SOC 2 industry standards; work with business owners and stakeholders to align security policy and standards to the wider business objectives and compliance requirements; and provide information security insights and guidance to non-IT managers.

Past Placements:

Head of Risk & Compliance - Airtel Money, Airtel Kenya (2020-2022) Internal Audit Manager (IS) - Britam Holdings (2009-2020) Information Systems Auditor - NAS Group (2007-2008)

 Education, Licenses & Certifications:

• IRM Financial Services Risk Management Certificate
• IRM Digital Risk Management Certificate
• Project Management Professional (PMP)
• ITIL v3 Foundation
• MSc - IT (Information Security & Audit), Strathmore University - 2012
• Certified Information Systems Auditor (CISA) – 2007
• Certified Information Security Manager (CISM) - 2008
• BSc - Computer Science, University of Nairobi - 2006
• IMIS Higher Diploma, Strathmore University - 2002

 Skills & Experience:

• Information Security Governance, Risk & Compliance | Audit | Project Management.

II. Secretary

Fredrick Okong’o Ouma

CISA, CDPSE

Dr. Ouma is a holder of Kenyatta University’s Doctor of Philosophy in Business (Project Management), master’s in Business Administration (Project Management), Bachelor of Commerce (Accounting Option), Certified Public Accountant of Kenya (CPAK), and a Certified Information System Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), Project Management Institute-Risk management professional (PMI-RMP) and Certified Trustee.

Fred has over sixteen (16) years of both internal and external audit and risk management experience, financial management, and leadership and is currently serving as the Chief Internal Auditor at Nairobi Securities Exchange.

He was the Head of Internal Audit at the Development Bank of Kenya for six (6) years between 2015 and 2021 and worked at Central Bank of Kenya for five years. Ouma also worked as an external Auditor at Crowe Erastus CPA.He is a Platinum Member of ISACA Kenya Chapter and has been in good standing for fifteen (15) years. He is committed to the service and volunteering in ISACA Kenya Chapter and has previously served in the Communication Committee, and as chapter Treasurer and is the current Secretary to ISACA Kenya Chapter. He is a team player, with admirable interpersonal and communication skills and a high level of emotional intelligence.

George Njuguna

George is a seasoned senior security professional with over 6 years of experience in cybersecurity, emerging threat trends and technologies, security culture and organizational resilience, incident response planning and execution, risk management and assessment, security awareness training and education, compliance and regulatory standards (ISO 27001, ISO 22301, ISO 27701, ISO 42001, ISO 20000, SOC 2, FedRAMP, CSB, GDPR, PCI DSS, NIST and COBIT 2019). 

With a strong background in developing and implementing robust security strategies, George is dedicated to helping organizations navigate complex security challenges and achieve their cybersecurity goals.

He has a proven track record of leading cybersecurity initiatives, conducting risk assessments, managing incident response procedures, and providing security consultancy services to clients across various industries.

George is a sought-after speaker and thought leader, regularly presenting at industry conferences, seminars, and webinars on cybersecurity trends, best practices, and case studies.

He is a certified Trainer, Implementer and Auditor of the Information Security Management System (ISMS), Artificial Intelligence Management System (AIMS) among other management systems, Certified in Cyber Security (CC), Lean Six Sigma White belt and currently pursuing Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).

He is the current Head of Information Security and GRC at Silensec and CYBER RANGES Group having worked previously as a Security Analyst and as a Senior Security Consultant with reputable organizations and clients beyond Kenya and Africa.

His expertise and insights make him a valuable resource in the field of cybersecurity.

III. Certification Director

Carolyne Muchai

CISA, CISM

Carolyne is an established IT Risk and Security professional with extensive (+9 years) experience in delivering breakthrough results through Data Privacy/Data Protection Assessments, Information Security and Risks Assessments, IT Systems Audits, Systems Implementation (pre and post) Quality Assurance, Cybersecurity Policy/Framework/Strategy Review and Development, NIST, ISO 27001:2022, PCI DSS, Business Continuity Management Compliance Review, Development and Training across various organizations in Telecommunications, Banking, Manufacturing, Insurance, Payment and Logistics industries as well as Government. Her experience spans across Kenya, Tanzania, Rwanda, DRC, Zambia and Ghana.

She has a Bachelor of Business Information Technology (BBIT), is a qualified Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), (ISC)² Certified in Cybersecurity (CC) & is currently pursuing a certificate in Certified Information Privacy Manager (CIPM). As a gold member. Carolyne has served ISACA as a member in the Nominations Committee and currently serves as the secretary in the Advocacy Committee.

Eliud Choge

CISA, CISM

Eliud Choge holds a Master of Science degree in Information Technology Management from the University of Nairobi and a Bachelor’s degree in Business Information Technology from KCA University. I hold the Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications. I am presently working towards the Certified in Risk and Information Systems Control (CRISC) certification as I continue to sharpen my skills in IT Audit, Risk Management, Cybersecurity and Controls design and testing.

I currently work as an Experienced Technology Risk Senior Consultant at EY – primarily tasked with conducting and managing IT audits for clients in the financial services sector. I have previously worked as an IT Audit Supervisor at KPMG, as a Senior Information Systems Auditor at Safaricom Sacco, as an IT Risk Assurance Associate at PwC Kenya and as an IT Advisory and Data Analytics Assistant at PKF Kenya.

I am curious and passionate about the intersection of people, technology and data for improved business performance. I have demonstrated competencies in Systems Assurance, Data Analytics, Information Security and Financial Technology having collaborated with teams to deliver comprehensive IT audits and system processes audits to support financial audits for clients across Manufacturing, Processing, Renewable Energy, Healthcare, Logistics & Supplies, Automotive, Governmental, Non-Profit, Agricultural and Financial services sectors.

I have been an active member of ISACA Kenya having served in the ISACA Audit Committee 2021-2022, making sure I share my views on matters affecting the ICT industry such as the ICT practitioner’s bill as well as mentoring fellow members and new members in tackling the CISA certification. I also serve as Co-founder of Data Analytics Kenya, a community of over 4,500 Data Analytics Practitioners in Kenya using data to achieve sustainable business and social outcomes. 

George Albert Owino

CISA

GEORGE ALBERT OWINO CISA. ISACA ID: 1011637 is a Silver Level ISACA member. Currently pursuing my Ph.D. at the University of Nairobi (thesis stage). He holds a Masters in Business Administration (Finance Option) The University of Nairobi. Bachelor of Commerce (1st Class honors (Finance Option) Catholic University of Eastern Africa (CUEA). Certified Public Accountant of Kenya (CPAK) in Good Standing, Certified Information System Auditor (CISA), Certified Fraud Examiner (CFE), Board of Trustee KNBS Pension Scheme, A member of Institute of Internal Auditors (IIA), Strategic Leadership Development Programme (SLDP) and National Quality Institute (NQI). Currently the Manager Internal Auditor at Kenya National Bureau of Statistics. He has over twenty years’ experience in both Internal and external audit and risk management experience in Auditing, Internal Control, Finance Control, Management Accounting, and Debt Management Control, Financial analysis, planning, and budgeting. Highly astute energetic and team spirited with strong work ethic. Outstanding academic and practical training in financial corporate governance areas. Fast learner with focused drive to exceed expectations. Self-starter, creative problem solver, top performer.

Paul Mulwa Musimba

CISA

Paul is a Gold-level ISACA member with over 15 years’ of progressive experience in telecommunications, trade facilitation and finance sectors in both public and private organizations. Paul is currently leading the Solutions Architecture function at the Kenya Revenue Authority in the ICT division.

Paul has been a member of ISACA since 2011 and has had the privilege of serving the Kenya Chapter in the Education Committee where I took part in implementing the calendar of events which included talks, the 2023 GRC and 2024 Annual ISACA conferences. He has also served in the Nominations Committee in 2022 as Chairman and in 2021 and 2018 as a member.

Some of Paul’s work experience highlights include being a Technical Lead for Mobile Number Portability project and, Operational Lead for the administration and support of the Kenya National Electronic Single Window System.