Summary
Overview
Work History
Education
Skills
Websites
Accomplishments
Certification
Timeline
HOBBIES
Generic

Nicolaas Prinsloo

Pretoria,GP

Summary

Certified Information Systems Audit and Audit Maanager with over 14 years of experience in architecting and deploying Integrated Management Systems (IMS) across information security, quality, and IT service delivery. Specializes in end-to-end implementation and concurrent certification of ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 20000 (ITSMS). Proven expertise in risk assessment, unified documentation, and managing multi-standard audits to streamline compliance, reduce costs, and enhance operational resilience. Successfully leads projects from gap analysis to certification, delivering measurable improvements in governance and process efficiency. Combines deep technical knowledge with strategic project management to align complex standards with business objectives.

Overview

4
4
years of professional experience
1
1
Certification

Work History

Audit Manager

Kyndryl South Africa
Johannesburg, South Africa (Remote)
09.2021 - 12.2025
  • Perform 1st and 2nd party ISO Audits.
  • Conducted comprehensive audits of information systems to ensure compliance with regulatory standards.
  • Cybersecurity lead for Kyndryl South Africa’s Provident fund (separate set of R&Rs).
  • Developed, implemented and managed an Information Security Management System (ISMS) aligned with ISO 27001 standards.
  • Consultant for ISO27001:2022, ISO9001:2015 and ISO20000:2018 Management System design, implementation and ultimately certification.
  • Manage the Audit Team during internal and external audits.
  • Developed and implemented risk management policies to enhance organizational compliance frameworks.
  • Design audit plans that are aligned with risk profile & strategic objectives in order to execute effective risk-based audits.
  • Negotiate annual audit plan with senior management.
  • Responsible for the planning and execution Internal and External audits for ISO27001:2022, ISO9001:2015 and ISO20000:2018.
  • Guidance during the performance of ad-hoc audit requests.
  • Provide overall coordination of specialist audit teams during internal/external audits for all ISO Standards.
  • Led audit engagements to assess internal controls and compliance with regulatory requirements.
  • Drafting Audit Non-Conformance reports and Follow-up previous audit NC, observations and opportunities for improvement.
  • Timely communication with senior management about changes to audit plans and audit scope.
  • Host audit post-mortem meetings with senior management.
  • Regular discussions with senior management regarding focus areas, progress with strategies and risks.
  • Liaise with external auditors, risk management, Kyndryl global program managers, Kyndryl compliance to ensure assurance provision is optimized.
  • Perform skills development training and coaching.
  • Relationship management with external suppliers & business units to improve audit participation & overall compliance posture.
  • Member of Kyndryl Global Risk and Compliance Team (CTRAC).
  • Process engineering (PbM, SRM, IM, R&DpM, ChM, CpM, SLM, BRM, StCqM, SpM).
  • Crafting training material for new starter training in Quality, Information Security and Service management system awareness, Risk Management and Audit Good Practice Education.
  • Collaborated with cross-functional teams to implement strategic initiatives and improve project outcomes.

Information Security and AI Governance Consultant

MGBJ Consulting Services
Remote
01.2026 - Current
  • Architect and deploy integrated management systems (IMS) that combine ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 20000 (ITSMS) requirements into a unified governance framework
  • Lead the full project lifecycle for Information Security Management Systems (ISMS) aligned with ISO 27001:2022, conducting risk assessments (ISO 27005), developing Risk Treatment Plans (RTP), and creating Statements of Applicability (SoA).
  • Design and implement Quality Management Systems (QMS) per ISO 9001, establishing quality policies, objectives, and process maps while leading continual improvement initiatives.
  • Implement IT Service Management Systems (ITSMS) per ISO 20000, defining operational processes for incident, problem, change, and service request management.
  • Conduct integrated risk assessments covering information security (ISO 27001), compliance, quality management and service management, creating a consolidated risk register and treatment roadmap.
  • Author unified management system manuals and procedure sets that address the overlapping requirements of multiple ISO standards, ensuring consistency and minimizing duplication.
  • Manage concurrent certification audits with multiple accreditation bodies for standards including ISO 27001, 9001, and 20000, achieving simultaneous certifications.
  • Map and integrate control sets from ISO 27001 Annex A, ISO 20000-1, and ISO 9001 clauses into a single governance, risk, and compliance (GRC) solution.
  • Establish KPIs and dashboards for monitoring the effectiveness of all implemented management systems, reporting to leadership on security posture, service quality, and process efficiency.
  • Perform management system GAP analysis by performing comprehensive Internal Audits.
  • Analyze client requirements to develop tailored consulting solutions.
  • Facilitate workshops to identify process improvements and best practices.

Education

High School Diploma -

Belfast Highschool
Belfast, South Africa

No Degree - Introduction to Psychology

University of Toronto
Canada
11-2019

Skills

  • Audit documentation preparation
  • Business relationship management
  • Audit Management
  • Risk Identification, Assessment and Treatment
  • Process Engineering and Improvement
  • IT Security Compliance
  • Business Continuity and Disaster Recovery
  • Information Security, Quality Management and Service Management system design and implementation
  • Data and Process Behavior Analysis
  • Team Leadership
  • Stakeholder Engagement
  • Training and Mentorship
  • SOC 2
  • ITGC Audits

Websites

Accomplishments

  • 2026 IRCA Certified ISO27001:2022 Lead Auditor
  • 2026 IRCA Certified ISO9001:2015 Lead Auditor
  • 2026 CQI Certified Practitioner
  • 2025 Designed new compliance check verification software
  • 2025 Created a new ISO27001 Learning Companion Chatbot using Agentic AI
  • 2025 Created a new ISO27001:2022 companion AI agent
  • Recognized Champion Learner (top 5% of all employees).
  • Created a new Risk Management Process based on Continuous Self-Assessment, designed the Risk Assessment and Treatment Plans and managed process implementation. The process was presented to the European Mainframe Leadership team.
  • Achieved an 80% improvement in overall process compliance posture.
  • Reduced the number of overdue SLA impacting incidents by 90%
  • Improved Customer Satisfaction for various IBM and Kyndryl supported customers by between 35 & 55% through effective CritSit Management and Service Improvement Projects
  • Achieved 96% reduction in process related failed changes through continuous improvement program
  • Received 15 Managers choice awards over the past 3 years.
  • Implemented new ISO27001:2013 and ISO27001:2022 Information Security Management System (ISMS), Quality Management System (QMS), Service Management System (SMS)

Certification

  • CISA (Certified member of ISACA)
  • CQI Certified Practitioner
  • IRCA Certified ISO27001:2022 Lead Auditor
  • IRCA Certified ISO9001:2015 Lead Auditor
  • ITIL v4 Foundation
  • Azure Foundation
  • Microsoft Agentic AI

Timeline

Information Security and AI Governance Consultant

MGBJ Consulting Services
01.2026 - Current

Audit Manager

Kyndryl South Africa
09.2021 - 12.2025

High School Diploma -

Belfast Highschool

No Degree - Introduction to Psychology

University of Toronto

HOBBIES

Drawing

Similar Profiles

CREATE PROFILE
Nicolaas Prinsloo