Neo Lebusa
Vanderbijlpark
Summary
Neo is a vibrant professional, equipped with viable contemporary knowledge in the field of IT-Governance Risk & Compliance (GRC). I've been in the field for over 14 years but specializing for 10 years now. The field has exposed me to a structured approach to aligning IT with business objectives, while effectively managing risk and meeting compliance requirements. I am honest, reliable, friendly, easy to get along with and a quick learner.
Overview
17
17
years of professional experience
Work History
Information Governance Officer
Discovery Ltd
04.2022 - Current
- Establish and assist in the development of appropriate policies, procedures, and practices in relation to IT, Privacy and Security governance and planning functions.
- Ensure and monitor the effective implementation of and drive awareness for policies, procedures, and standards.
- Manage day-to-day activities - maintaining policies, standards, procedures, training, and communication regarding Information Governance.
- In conjunction with Group Legal and Group Compliance, assist in the identification of applicable laws and regulations and assist with the implementation of actions to ensure compliance.
- Exhibit knowledge of governance, legal, compliance and auditing frameworks and apply that in reviewing the quality of existing and new documentation.
- Recognize and identify potential areas where existing policies, standards and procedures require change.
- Support additional internal and external compliance activities as part of the IGS department.
- Support key stakeholders and management with governance planning, reporting, advice and training.
- Developed and maintained IT risk registers and tracked mitigation plans.
- Collaborated with cybersecurity, compliance, and audit teams to ensure risk controls were effectively implemented.
- Monitored and reported on key risk indicators (KRIs) and emerging threats.
- Supported internal and external audits by providing documentation and evidence of risk controls.
ICT Governance Officer
The Commission of Conciliation, Mediation and Arbitration (CCMA)
05.2019 - 03.2022
- Directly responsible for the implementation and compliance with the DPSA (Department Public Service Administration) IT Governance Policy Framework.
- Ensuring that there are correct ICT policies, standards and procedures that conform to the relevant ICT Governance Framework and mandatory legislation and regulations.
- Ensure policies are reviewed and updated regularly.
- Responsible for IT Risk Management and Risk Monitoring.
- Proficient in the design and implementation of effective IT controls.
- Responsible for implementing and reviewing IT processes in accordance with the adopted IT management framework.
- Establish and oversee formal risk analysis and self-assessments program for various Information Services systems and processes.
- Liaise with other functional areas i.e. Internal/External Audit, Governance Compliance Risk and Strategy in executing the ICT Governance processes.
- Manage and track outstanding IT remediation items in the risk register to ensure timely completion.
- To conduct user training on aspects of ICT Governance.
- Assist the ICT Manager: Governance and Security in reporting on Governance and Compliance matters to the identified Governance Committees members.
Divisional Information Governance Officer
Motus Corporation
07.2018 - 04.2019
- Responsible for the administration of the organization’s information and infrastructure security service, policies, and practices to ensure compliance.
- To ensure information is protected in terms of legislation including confidentiality, integrity, and availability.
- Identify, implement, monitor, and report on IT compliance regarding regulatory and legislative requirements.
- Provide objective oversight, monitor, and report on the effectiveness of the processes adopted and implemented in relation to the Risk Governance and Management Framework.
- In conjunction with the companies’ strategy, implement various IT security, management, and governance frameworks.
IM Governance Risk & Compliance Officer
ArcelorMittal South Africa
02.2011 - 06.2018
- IT Risk & Compliance: Accountable and responsible for Risk management process through identifying, assessing, and mitigating and ensuring corrective action plans are performed; Status monitoring and Quarterly Risk management reporting. Develop and manage risk management during Projects. Develop material for reporting to EXCO regarding the status of Risk and Audit findings.
- ITGC Audit & Compliance: Accountable and responsible to ensure that AMSA is complying with SOX legislation on yearly basis by ensuring constant monitoring of IT General controls (Technical automated), Review and Process controls) across all 4 sites. Ensure and Monitor implementation of recommendations and gaps/deficiencies to comply with SOX legislation. Conduct internal assessments of IT Policies, Standards and Process compliance to IT Audit standards.
- IT Regulatory & Audit compliance: Accountable and Responsible to implement, monitor and report on regulations related to IT ACTs (ECT, RICA and POPIA, PAIA) Responsible to Act as the integrated point of contact with all audit bodies in the organization for purpose of Planning, communicating annual audit schedule and ensuring audits findings are resolved on time as per agreed time frame.
- Business Continuity Program: Identify the overall business continuity management process by ensuring that the required I.T technical and service facilities remain available, and in case of failure can be recovered within required time frames.
- Project Management: Organizing, reporting, and managing all phases of the project to ensure on-time completion. The use of MS Office (SQL, Visio), SDLC knowledge. I work well in a team and take control and responsibility for projects being managed. Work across multiple projects where required. Identification and management of risks & opportunities. Communication of project progress to management and project stakeholders. Managing project resources, liaising with other departments to implement project plans, Scheduling & running project meetings and Tracking progress of project.
Systems Development Analyst
DV8 Technologies
07.2009 - 01.2010
- Examine existing IT systems and business models.
- Analyze systems requirements.
- Implement, configure, and test feasible solutions.
End-User Lab Assistant
Vaal University of Technology
08.2008 - 07.2009
- Assist students with the use of system applications.
- Lecture end-user modules.
Education
Master of Philosophy - I.T Governance
Nelson Mandela University
01.2025
Information Security Management System (ISMS): Lead Implementer ISO/IEC 27001:2022
BSI Training Academy
01.2023
Advanced Certificate - Management
Milpark Education
01.2016
Applied Project Management - Information Technology
University of South Africa- UNISA
01.2012
BSc Honors - Information Technology
North-West University Vaal
01.2011
Baccalaureus Technologiae - undefined
Vaal University of Technology
01.2011
National Diploma - Information Technology
Vaal University of Technology
01.2010
Skills
- Problem Solving
- Adaptability
- Collaboration
- Leadership & Productiveness
- Discipline and focus
- Teamwork and loyalty
- Teamwork
- Teamwork and collaboration
- Strong Work Ethic
- Time Management
- Critical Thinking
- Handling Pressure
- Perfectionist
References
Ms. L Makgopa | 073 979 0057 ArcelorMittal South Africa I.T Risk, Compliance & Governance Manager
Mr. C Kungwane |082 313 968 Motus Corporation CISO
Mr. Z. Parak |082 494 8351, Discovery Ltd Group CISO
Timeline
Information Governance Officer
Discovery Ltd
04.2022 - Current
ICT Governance Officer
The Commission of Conciliation, Mediation and Arbitration (CCMA)
05.2019 - 03.2022
Divisional Information Governance Officer
Motus Corporation
07.2018 - 04.2019
IM Governance Risk & Compliance Officer
ArcelorMittal South Africa
02.2011 - 06.2018
Systems Development Analyst
DV8 Technologies
07.2009 - 01.2010
End-User Lab Assistant
Vaal University of Technology
08.2008 - 07.2009
Information Security Management System (ISMS): Lead Implementer ISO/IEC 27001:2022
BSI Training Academy
Advanced Certificate - Management
Milpark Education
Applied Project Management - Information Technology
University of South Africa- UNISA
BSc Honors - Information Technology
North-West University Vaal
Baccalaureus Technologiae - undefined
Vaal University of Technology
National Diploma - Information Technology
Vaal University of Technology
Master of Philosophy - I.T Governance
Nelson Mandela University
Similar Profiles
Siphiwe KhozaSiphiwe Khoza
Customer Service Specialist at Discovery LtdCustomer Service Specialist at Discovery Ltd
Siviwe MambaSiviwe Mamba
Incident Manager at Discovery LtdIncident Manager at Discovery Ltd
Woan-Ing (Amelia) TwuWoan-Ing (Amelia) Twu
Project Manager / Scientific Writer at Pharmacology Discovery Services (Eurofins Discovery Partner Lab)Project Manager / Scientific Writer at Pharmacology Discovery Services (Eurofins Discovery Partner Lab)
Patricia ChibwePatricia Chibwe
Senior Professional Nurse at Mediclinic SASenior Professional Nurse at Mediclinic SA
Ruby Lynne BarnardRuby Lynne Barnard
STCW Certificates at NASTCW Certificates at NA