Sihle Ndlovu

Senior Manager: GRC
Centurion

Summary

A highly skilled and results-driven professional with extensive experience in auditing, project assurance, ISO 27001 implementation, vendor management, and third-party risk management. Proven track record in improving audit outcomes, establishing governance frameworks like IT risk committees, and overseeing business continuity management (BCM) steering committees. Adept at managing finance budgets, tracking expenditures, and ensuring alignment with organizational objectives. Strong communicator and problem solver with a focus on enhancing security, operational efficiency, and risk mitigation strategies.

Overview

10 years of professional experience
6 years of post-secondary education
11 Certifications

Work History

Head: IT Governance, Risk and Compliance

Blue Label Telecoms
Sandton
12.2021 - Current
  • IT Governance Management: Implementation of security measures that support the Information Security to ensure alignment with the organizational strategy,
  • Implementation and maintenance of the Information Security Management System (i.e. ISO 27001).
  • Lead the risk management process through the implementation of risk mitigation strategies based on Information Security best practice principles,
  • Review and provide input to business cases and Technology specification documents,
  • Ensure compliance with Information Security Policies, Procedures and Processes,
  • Participate in developing, implementing and maintaining Information Security Policies, processes and procedures based on industry standards and best practices,
  • Take appropriate measures to safeguard the company, customer and proprietary information from threats and vulnerabilities,
  • IT Risk Management: Monitor the Risk Register to ensure that clear mitigation strategies have been defined and that the implementation of the mitigation strategies is effective,
  • Facilitate audits, inspections, testing and/or reviews of relevant processes and management controls by various internal groups and external groups,
  • Compile and consolidate IT risk management registers and report to the Information Security Officer,
  • Ensure compliance with the Change and Release Management process,
  • Engage with internal and external stakeholders on IT risk management procedures,
  • Execution of the risk management tools and risk assessments to ensure accuracy and completeness of information and security practices,
  • Compliance Management: Implement compliance processes to ensure Group IT complies with processes defined and implemented by Group Legal, Risk and Compliance,
  • Monitors all operational processes and procedures using a compliance management platform to ensure that the company complies with all legal regulations and ethical standards,
  • Create and manage effective action plans in response to audit discoveries and compliance violations,
  • Tracking all compliance issues raised by Group Legal and Compliance.
  • Excellent communication skills, both verbal and written.
  • Proven ability to learn quickly and adapt to new situations.
  • Skilled at working independently and collaboratively in a team environment.
  • Self-motivated, with a strong sense of personal responsibility.

Manager- IT Internal Audit

KPMG Services (Proprietary) Limited
Parktown, Johannesburg
01.2015 - 11.2021
  • Responsible for leading the execution of audit engagements, and providing guidance and coaching to team members.
  • Client relationship management: building and maintaining relationships with key clients (managed accounts of big blue chip clients such as Momentum Group, Aspen, Blue Label Telecoms etc.)
  • Facilitating meetings in the event of understanding the internal processes adhered to and obtaining the relevant information,
  • Research on clients, technology trends and innovations,
  • Business Development contribution by growing the skill sets,
  • Responsible for planning of projects, engagement scoping, resource allocation, budget and WIP management
  • Financial Management which included managing the profitability of projects and client accounts against specific budget targets.
  • Identifying and logging potential leads for additional Advisory service offerings,
  • Responsible for reporting and quality management (review of work products) on all project deliverables.
  • Assessing clients’ inherent risks and residual risks based on the client's control environment and providing recommendations.
  • Leading and representing IT Internal Audit as part of the combined assurance approach for clients. This included providing a risk profile from an audit perspective and the assurance work done as part of the combined assurance framework.

Trainee Internal Auditor

University of Pretoria
Pretoria
01.2012 - 12.2014

  • Assist in drafting of process analysis documents,
  • Assist in identifying and analyzing risk and controls,
  • Assist in drafting of the scope letter (engagement letter) for approval by the engagement manager,
  • Drafting of Audit Programs based on process analysis and risks for approval by the engagement manager/partner,
  • Responsible for conducting fieldwork and documenting the results,
  • Assist and review sections of the work performed by juniors on the project/engagement,
  • Responsible for drafting of audit reports for review by the engagement manager,
  • Participate in meetings and given opportunities to discuss certain audit exceptions/findings with client.

Education

Bcom Internal Auditing -

University of Pretoria
Pretoria

Bcom Internal Auditing (Honours) -

University of Pretoria
Pretoria
02.2011 - 12.2011

Matric Certificate -

KaMhola Secondary School
Barberton
01.2003 - 12.2007

Skills

eAudit (Audit software)

TeamMate

Risk Management

Compliance

IT Governance

Certification

CIA (Certified Internal Auditor)

Notes

1 Calendar month, Permanent

References

  • Mrs Tshilidzi Mphephu, Deputy Business executive (Auditor General of South Africa), +27 79 057 3872
  • Severiano Robinson, Head of Platforms, 082 949 0784, Old Mutual
  • Mrs T Madzivhandila, Internal Audit Manager, 082 887 9109, PWC

Residential area

Centurion, Pretoria

Languages

English and SiSwati

Personal Information

  • Criminal Record: None
  • Nationality: South African
  • Driving License: Yes
  • Marital Status: Single

Accomplishments

  • ISO 27001:2022 successful implementation and certification of a fintech organisation.
  • ISO 27001:2022 surveillance audit passed with no audit findings.
  • Successful IT Governance framework implementation
  • Successful implementation of business continuity management system (BCMS).
  • Improved audit outcomes for general IT controls from 65% to 95%.

Timeline

Head: IT Governance, Risk and Compliance

Blue Label Telecoms
12.2021 - Current

Manager- IT Internal Audit

KPMG Services (Proprietary) Limited
01.2015 - 11.2021

Bcom Internal Auditing (Honours) -

University of Pretoria
02.2011 - 12.2011

Matric Certificate -

KaMhola Secondary School
01.2003 - 12.2007

Trainee Internal Auditor

University of Pretoria
01.2012 - 12.2014

Bcom Internal Auditing -

University of Pretoria
CIA (Certified Internal Auditor)
CRISC (Certified in Risk and Information Systems Control)
CGEIT (Certified in Governance of Enterprise IT)
Certified Agile Project Management Practitioner
COBIT 2019 Foundations
ITIL Foundations Certificate in Service Management
ISO 27001:2013 Requirements
ISO 27001:2013 Implementation
ISO 27001:2013 Internal Auditor
ISO 22301:2019 Requirements
ISO 22301:2019 Implementation