We are pleased to announce the official opening of the voting process and you are now required to vote for your Candidates who were nominated for each portfolio.

Cast your vote at https://boardelection2018.questionpro.com

Click on the names below to read the full candidates’ profiles.

Arlene has acquired more than 17 years of experience in the fields of risk management, governance, internal and external IT audit and control, project assurance, data analytics and business continuity consulting. She is passionate about the role that assurance providers play to enable the strategic objectives of business in a responsible and ethical manner. She currently leads the team responsible for IT and project audit assurance; and audit innovation at Santam, the largest short-term insurer in South Africa.

Arlene is a visionary who leads by example. Her advice is to work hard and love what you do. She is excited by the role that the ISACA SA chapter plays in shaping a collective and cohesive response for technology professionals in South Africa. She has served on the ISACA SA Board since 2012 and is currently the chapter Vice President & Programme Coordinator. She has led the chapter as conference chair through two annual conferences and has served on the conference committee since 2012. She also serves on the ISACA International SheLeadsTech Advocacy Working Committee; and previously served on the ISACA International AfricaCACS working committee and represented the SA chapter at International leadership meetings. She was the recipient of the ISACA SA 2017 President’s Award.

She holds a BCom (Financial Accounting and Information Systems) from UCT, an MBA from the University of Stellenbosch Business School and is a practicing CISA. She has also completed a Higher Diploma in Computer Auditing at the University of Witwatersrand.

Arlene Volmink_photo

Francois le Roux

Francois is a CA(SA) and has been a member of ISACA since 1996.   Francois has more than 25 years’ experience in accounting, auditing and technology advisory services.   Francois was a Senior Manager Advisory at PwC for 20 years but have been operating independently for the last 4 years.  Francois delivers services mainly to retail, payment and financial services clients in the Western Cape region.

Francois joined the ISACA board in April 2017 as Treasurer.  Since joining the board, Francois has actively participated in board events.  Francois’ Treasury related achievements include establishing monthly financial reporting, improving cash flow, rigorous budgeting and educating non-financial board members on financial matters.  The board is currently on a journey to better understand income and expense drivers within the context of the economic conditions.

Francois sees himself as a perpetual learner and has a passion for consuming any new information whether it be accounting, technology, news, current events or entertainment related.

Francois Picture

Hein von Willigh is a senior IT leader, currently heading up an Information Risk & Privacy Office, and fulfilling the Chief Privacy Officer (CPO) role for Pick n Pay. His portfolio includes the strategic direction and management of IT Governance, Privacy, Risk, and Information Security. He was also the IT Risk Manager for Allan Gray, and before that gained over six years’ experience at KPMG in the IT Advisory division.

Hein has very broad knowledge and experience, and is currently the Chairman of the “Retail Information Security Community” where he leads industry level engagement and improvement in the IT Governance, Risk, Security and Privacy realm across retail organizations. Hein offers over 11 years’ experience in these fields, and across a diverse range of industries.

Hein’s academic background includes: BSc Degree in Information Technology (Cum Laude) and BSc Honours in Computer Science (Cum Laude) degrees from the Nelson Mandela Metropolitan University of South Africa. Hein has, and continuous to dedicate himself to continuous learning and has thus far obtained four ISACA certifications as well as the internationally renowned CIPM certification, from the IAPP. He also obtained the top score in South Africa for both the CISM and CRISC exams.


Jerall, based at Stellenbosch University since 2015, aims to guide the University’s response to both freedom of information and privacy-related legislation. He serves as the University’s Deputy Information Officer under the Promotion of Access to Information Act and actively leads the development and implementation of institutional regulations, training and awareness initiatives, and supporting tools to help the institution meet its privacy goals. He further plays an active role in the higher education sector’s initiatives to tackle these topics as a member of inter-institutional task teams and sector-specific associations.
Jerall began his career as a SAP functional and training consultant, with a particular focus on SAP’s Finance and Human Capital Management solutions. In 2011, Jerall joined KPMG’s Technology Advisory team in Cape Town. There, he got the chance to apply his functional and technical SAP knowledge differently and through that develop audit, business continuity, information and cybersecurity, and team and project management related skills. Interestingly, also in 2011, Jerall placed as a finalist in an international game design talent search contest. He still occasionally designs new material for the table top game industry in his spare time.


Kenneth Palliam is an Information Technology Governance, Risk and Assurance Professional with more than 16 years of experience in Financial Audit, IT Audit, Internal Audit, Risk Management and Project Management predominantly acquired within the Financial Services Sector and the consultancy industry. He is an ISACA Gold Member and holds the CISA, CGEIT and CRISC certifications. Kenneth has previously served as Academic Relations Coordinator and is currently the Membership and Education Coordinator.

K Palliam

I am a group senior IT auditor: Group Internal Audit. I have a B-Tech Degree in Financial Information Systems and am CISA certified. I believe that technology is changing the world and create efficiencies and opportunities within South Africa. As a result this has been the field of choice for me.

I have over 7 years of experience in the performance of statutory audit assignments based on international recognised standard and frameworks, such as COBIT, ITIL, ISO 27000 series and etc. I am a member of ISACA and am actively involved in attending the conferences as well as chapter meetings.

Lucia photo

Maclaud is a principal information security consultant and a regional advisor for the Biosafety Clearing House. He is an IT Industry thought leader who leads world-class cyber security organizations by building and implementing custom methodologies and frameworks that balance information security and business agility. He has a diverse background with cryptographic security providers, power utilities, petrochemical, mining, finance industry, airline, and governments. He combines executive business savvy with technical know-how to produce solutions and cyber security programs that are both realistic and effective.

Furthermore Maclaud is a BCH regional advisor for IT and has performed advisory missions in Southern African for both BCH I & II

Maclaud holds a Doctorate in Business Leadership from University of South Africa and MBA  & BSc (Computer Science & Mathematics) from University of Zimbabwe. He also holds Information Technology related certifications which include TOGAF 9, CRISC, CISM, CISA, CGEIT, ITIL and other information security certifications.


I am a B.Comm graduate from the University of Natal with majors in Business Information Systems and Finance. In 2005 I joined auditing firm SizweNtsalubaGobodo as a junior IT audit consultant. As an IT audit consultant, I have performed application controls, IT general controls, data analytics and data migration, project governance, ISAE3402, and security reviews. In in 2011 I was promoted to a manager at the firm managing various clients across various industries including banking and finance, energy and mining, medical aids, property management, public sector and telecommunications which included international clientele such as MTN Irancell. In 2015, I joined the Clicks Group where I am currently employed as the IT Audit Manager within the Internal Audit division with over 3 years’ experience in the retail industry.

Mahomed Osman_photo

Mayank is a Senior Manager in the Technology Advisory Business Unit at KPMG. He is responsible for managing a team of managers who execute on IT assurance engagements for a number of clients, primarily in the Technology and Financial Services sectors. His primary role is to oversee the coordination,
planning, resourcing, execution (and managing) of engagements. He has experience in financial monitoring, risk management, people management, as well as strong coordination and exceptional communications skills (both oral and written).
Being an alumni of the University of the Witwatersrand, he has relationships with the School of Economic and Business Sciences (Information Systems). He also has relationships with the Johannesburg Centre for Software Engineering (JCSE). In addition, in 2014, he was responsible for coordinating an Industry-visit as part of the KPMG Graduate Recruitment program. In this role, he had to build relationships with the University of Johannesburg and University of the Witwatersrand in order to coordinate the formal visitation of students to the KPMG campus. Furthermore, in 2015, served on the panel of delegates who advised on the pending Internal Auditor qualification (in terms of the South African Quality Council for Trades and Occupations). He also served as an advisor to the enhancement of the Bachelor of Commerce Honours (Internal Auditor) qualification for the University of Pretoria. KPMG Technology Advisory is one of the largest recruiters of IT graduates in South Africa as well as home to ~180 client-facing IT professionals in South Africa – this provides him with access to obtain an industry view of the IT professional market.
His knowledge, skills, experience and values align with those of ISACA and he is prepared to serve those needs of ISACA and its members. His intention, beyond serving, is to also grow from this experience, both professionally and personally.
Based on his current role, experience and relationships, he has the skills, motives and access to a number
of resources and people who could contribute meaningfully to the goals and objectives of ISACA.


Mokgadi is a Senior Manager in the IT Risk Assurance competency of PWC, with specific responsibility for the delivery of Audit Support engagements. She have over 13 years’ experience in Information Systems Audits, both External and Internal in various multinational. She is a Certified Information Systems Auditor (CISA) with a working knowledge of the COBIT framework for which she obtained a foundation certificate.

As an IT Audit professional She has been involved in providing IT controls assurance and consulting services to clients in a wide range of business environments that has resulted in significant experience in performing General Controls Reviews, Application Control Reviews, Specified Security Reviews (including SAP Basis), ISAE3402 Reviews, Sarbanes-Oxley (SOX) Compliance Audits, IT Governance Review, Project Management and System Functionality Reviews.

Apart from my record as an Audit professional, I am a dynamic individual who has a natural ability to build rapport, communicate to and build relationships with people. I am also able to work effectively within a culturally diverse environment. Being self-motivated allows me to perform well under pressure and against aggressive deadlines in any pressurised environment. I am a highly analytical thinker and I am able to quickly identify, scrutinise, improve, and streamline complex work processes.


I am an IT risk and controls, IT Governance and Enterprise Architect expert with 10 years of consulting and auditing experience. I was previously a Senior Manager in KPMG’s Technology Advisory business unit and built specialist skills by being a core team member of KPMG’s IT Internal Audit and CIO Advisory service offerings. My diverse experience across many industry sectors has embedded different perspectives to my thinking.

I have advised and assisted boards, c-suite executives and senior management in developing, implementing, monitoring and reporting on strategic IT risk management programs and processes. My expertise as an IT Audit, Enterprise Architect and IT Governance Specialist enables me to gain a holistic view of an enterprise and use this view to address challenges of IT and enterprise risk management.

I am currently responsible for IT Governance, IT Risk and IT Compliance at Grindrod Bank Limited. I am certified in Information System Audit, COBIT 5, IT Governance and Enterprise Architecture.

I have developed and continue to grow my technical, interpersonal, communication, critical thinking, personal development, emotional intelligence and leadership skills. I look for opportunities to share my learnings and growth with other professionals with an aim to contribute to their growth and journey. The roles that I am nominated for will serve as a platform to coach and mentor up and coming professionals and provide them with increased visibility of ISACA and the role that ISACA will play in their careers.


Oliver is a qualified Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT) professional and a holder of SAP Security and ITIL Certifications. He has also studied and obtained a Bachelor of Accounting Science degree at UNISA and is currently registered for CIA (Certified Internal Audit) qualification and is due to complete at the end of 2018.

He is currently an IT Audit Manager at Afrocentric Health and in the 11 years’ experience, he has acquired skills in forensic, financial and IT audits, risk management, IT and business process modelling, SOX audits, ISO based reviews. In addition, his IT Audit experience covers IT Governance, application controls, general controls, database reviews, IT Security reviews, data analytics (CAATS) and SDLC reviews (IT project assurance). Oliver has extensive experience in various industry sectors, his focus areas primarily being the banking, and mining, insurance, medical aid and telecommunications sectors including various public sector entities.

Prior to joining the Afrocentric Health, Oliver served as IT Audit Specialist at the Development Bank of Southern Africa and as IT Audit Manager in Nkonki’s Johannesburg IT Advisory Services practice. He has also worked on contract basis for Goldfields Ltd, Neotel Ltd within the Internal Audit functions where he was a SOX IT Internal Auditor. Prior to that he worked at Bytes Technology as an ISO Auditor within the Audit function where he successfully assisted facilitated the ISO 9001 certification. In the early years of his career, he was as a Junior financial audit clerk at BDO Spencer Steward’s Johannesburg practice performing financial assurance engagements during his articles period.

His capability and experience in various industries and the combination of financial, operational and IT audit skills enables Oliver to add value to any environment he is involved in and he is confident that he will play active role and contribute immensely on the ISACA Board.


For the last 20 years my work focus has been within the IT governance, risk and control space. I have worked in multiple industries spanning from financial services (insurance), transportation and logistics (parastatal), and the public sector (provincial government).

I hold a BSc degree with double majors in Computer Science and Computational & Applied Mathematics; a Post Graduate Diploma in Business Management – from the University of the Witwatersrand. I also hold the CISA designation conferred by ISACA.

I currently head the IT Audit unit within the Gauteng Provincial Treasury. The unit undertakes IT Audits across all the Gauteng Provincial Government (GPG) Departments, related entities and select municipalities. The span of work ranges from providing assurance services within the GPG IT landscape; we also undertake consulting services mostly on new system implementations, project rollouts, and various information security assessments.

My career began at Liberty Life Association where I was employed as an IT Research Analyst within the Projects and Architecture unit within the IT division; I would later transfer to the IT Audit unit within the Internal Audit division within the same organisation.

I left Liberty Life to join Transnet Group Audit Services in a middle management role within the IT Audit unit.


Thembekile has a great passion for education and training particularly in the corporate sector. She has contributed to the IT governance and security body of knowledge through various academic publications. She is a conference speaker and has presented in local and international conferences including the ISACA/ CACS conference. She has been an ISACA member for most of her career life and has made contributions to ISACA through knowledge sharing on some of the local ISACA chapter meetings.

She is an experienced trainer and has facilitated numerous training sessions in the IT governance and security space. She is also a registered assessor with MICT Seta. She has over 15 years of work experience in the IT audit and governance field. She has previously worked in different organizations such as KPMG, Standard Bank and the DBSA in various roles. She holds a Master’s degree in IT and I strongly believe that given the opportunity, her skills coupled with experience will enable her to contribute significantly to ISACA as a board member.

With over 20 years’ experience within the ICT and Corporate Governance spaces; I have become a subject matter expert around turnkey solutions for the transformation of any organisation. I am currently the Deputy Business Executive (Chief Technology Officer) for the Auditor General of South Africa (AGSA) with extensive and successful IT leadership and management experience in public and private sector organisations. This is a deputy Chief Information Officer (CIO) role, with added responsibilities of Chief Information Security Officer (CISO) giving me credibility as the founding member on the AGSA Corporate Governance forum as well as the Combined Assurance Forums. My experience and background in ICT strategic, tactical and operations management have brought me to this executive role where I can focus on ICT strategy development, implementation and monitoring using Kaplan and Norton Balanced Scorecard methodology. With a toolbox full of tools I currently manage the implementing of IT governance, risk and compliance (GRC) at an enterprise level. As a certified in IT Governance, Risk and Compliance (CGEIT) Executive coupled with Risk and Information Systems Control (CRISC) credential I do believe this has made me a valuable asset to any organisation with both certifications being administered and issued by APMG on behalf of ISACA. Additionally, I am also COBIT5, ITIL V3, PRINCE2 Foundation certified and hold a multitude of qualifications such as a Global Executive Development Programme (GEDP) – Future CIO Programme and a Masters of Information Technology and currently waiting on my qualification in a Post Graduate Diploma in Corporate Governance and Administration.
I currently have strategic leadership skills within Enterprise Information Management including Business Intelligence and Data warehousing, Business Analysis, Software Quality Assurance, Application Portfolio and ICT Project Portfolio management. Throughout my 22 years, I have worked extensively in business analysis and software applications development across various industries including banking, marketing, manufacturing, media & broadcasting, higher education, mobile telecommunications, retail-FMCG and public sector. I have progressed through increasingly responsible leadership positions at the AGSA, a supreme audit institution which is recognized globally as a pioneer and leader in public sector auditing and the development of global auditing standards. Initially, I was recruited as the leader of Enterprise Business Application (Oracle PeopleSoft ERP and TeamMate Audit Management Software) to contribute to transforming AGSA IT into a model business unit that is diverse, flexible and relevant to the changing needs of the organisation. I was subsequently requested to take over leadership of Enterprise Information Management in addition to leading and managing the enterprise business applications. Instrumental in AGSA IT successful restructuring and development of the IT governance framework. This gave way for to me successfully proposing that a centre of excellence be created, focusing on IT governance, risk, security and compliance, of which I was the leader and nominated to be the IT Steering committee’s expert advisor on IT Governance, Risk, Security and Compliance matters.
Currently, I report to Corporate Executive for technology and communications and have eight direct reports at senior management level and together with the ICT management team we manage R100 million‐plus annual budget. I have been instrumental in the development and execution of the enterprise’s technology strategy, ensuring full alignment of IT with the corporate mission, vision and strategic business plan. In addition to my current career, I am also a Technical Committee Member at the International Organization for Standardization (ISO)/ The South African Bureau of Standards (SABS) and the current Secretary, Director And Board Member at ISACA – South Africa Chapter.


Highly experienced ICT Manager with a total of 19 years in the ICT industry of which 11 years have been in management.  Has worked in the insurance industry at leading organizations including Investec (as an Analyst Programmer), Liberty Life (as an Analyst Programmer), NHBRC (Senior Business Analyst) and SABS (as the Business Applications Manager and ICT Governance and Risk Manager).

Specializes in ICT Governance, ICT Security, ICT Risk Management, ICT Project/Program Management, Business applications implementations, support and maintenance, ICT policy formulation, Application/Software Development Management, ICT strategy development and overall ICT management.  Has five years’ experience tutoring Visual Programming course at UNISA.

  • Holds the following qualifications:
    • Certified Information Systems Auditor (CISA), (ISACA, 2017)
    • Certified Governance of Enterprise Information Technologies (CGEIT), (ISACA passed examination, certification applied for, awaiting Isaca response).
    • COBIT 3 Foundation
    • ITIL Certification
    • MBA degree (TUT, pending)
    • Harvard ManageMentor Leadership Course (2015).
    • Bcom Honours in Business Informatics (UNISA, 2010).
    • Bcom Informatics (UNISA, 2005).
    • Bsc (Honours) degree in Biochemistry (University of Zimbabwe, 1992).