Jean-philippe Louise

Leading the InfoSec department and involved in the development and management of strategies for IT security and data protection.

*Key Responsibilities:

• Develop and manage the overall approach to cyber and information security.
• Align security standards and frameworks with overall business and technology strategy.
• Oversee and drive projects for the evaluation and implementation of security solutions
• Identify, assess, and prioritize cyber risks and develop mitigation strategies
• Define, implement, and maintain corporate IT policies.

Leading the internal audit team in the day-to-day audit operations and performing risks assessments for group entities.

Areas where I intervened ranged from operational and financial processes, information technology, risk management and other aspects such as fraud investigations.

In another capacity, I was acting as main point of contact for advisory and ad-hoc tasks for group entities in providing expert advice to management on controls, operational effectiveness, governance or any other required matters

*Key accomplishments:

• Worked in collaboration with Group IT department towards the improvement and implementation group wide IT Policies and procedures.
• Developed a number of cybersecurity compliance reviews for specific IT infrastructure components using testing criteria from recognised standards such as NIST CSF, NIST SP800, COBIT 2019 and ISO27001
• Assisted group entities for their system implementation project from business requirements to implementation stage and performed data migration testing where required.
• Performed Cyber risk assessment for group entities which were used to deploy risk mitigation measures and plans.

Ensured the execution of assignments for a portfolio of clients. Scope of work included ITCGs for applications, database, operating systems and the relevant network infrastructure as well as performing special assignments as and when required such as post implementation reviews, migration reviews, and use of data analytics.

Performed full IT audits for various clients operating in the banking, insurance, manufacturing and retailing sector amongst others.

Systems tested varied from simple to complex information systems including Applications, Databases, Operating systems and Networks and ERPs.

Acted as a consultant and worked with clients within the banking and financial sector, advising them on ways to improve efficiency and resolve business problems. This involved gathering information, collecting and analysing data, and developing recommendations designed to improve business processes, modernise operations.