Johan Opperman

Experience

• 

  Ingwe Coal Corporation Ltd

  Apr 1997 - Feb 2001

  Information Technology Information Security Consultant

  Information Technology Security Consultant to Ingwe Coal Corporation reporting to the IT Manager (Chief Information Officer). Ingwe Coal Corporation consisted of a number of coal mines in South Africa and formed part of the Billiton Group - now BHPBilliton.Responsible for the successful overall design, implementation and maintenance of the information security program in support of business automation processes and the establishment of network connectivity among all the mines and the Billiton Group. - Requested to chair the global Billiton Group Information Security Forum as an Ingwe member. - Successful establishment, execution and monitoring of an information security strategy, tightly aligned with the Ingwe corporate and business strategies. Overall responsible for the effective delivering of intrusion detection systems, policy monitoring systems and secure remote access system related projects, in addition to the process and governance related dimensions.- Establishment and maintenance of an effective business continuity strategy for the Ingwe Group.- Exceptionally high level of Information Security awareness to ensure support for the program.- Proving the value of an intrusion and vulnerability assessment management system. - Realise substantial cost saving via the utilisation of a Public Key Infrastructure (PKI) in key areas.- Effective introduction of one of the first multi-factor remote access solutions in the South African industry. - The security model of Ingwe Coal Corporation and lessons learnt was the subject of a case study by one of the big auditing firms in South Africa. Show less

• 

  Absa Group

  Mar 2001 - Jan 2015

  Group Consultant to the Absa / Barclays Africa Group, based in Johannesburg, South Africa with operations in a number of countries on the Africa continent. It is structured into clusters (Retail, Business Banking, Investment Banking, Financial services (including short and life insurance), Africa Operations and Central Services.) As Group function I deal with the respective mentioned clusters and is responsible / mandated for Regulator engagement on operational risk.Achieved the Prestige Award for being the first Bank in Africa to obtain Basel II Operational Risk Advanced Measurement Approach status providing the Absa Group with a competititive edge.My interst lies in the effective and efficient correlation of strategy (and execution), risk and governance to achieve the optimum sustainable risk reward profile and effective support of business goals. Responsible for operational risk oversight, new product approval and product monitoring, the risk processes associated with merger, acquisitions and start-up operaions on general management level. Holistic / integrated and cross risk views are taken from a product approval / monitoring and start-up / acquisition perspective. Extensive background experience also on related disciplines such as business continuity and information sececurity (qualified as a certified information system auditor in the past), information system auditing, regulatory compliance as well as counter intelligence and other operational risk / enterprise risk management disciplines. Show less

  • Group Consultant Operational Risk

    Mar 2003 - Jan 2015

  • Information Technology and E-commerce Auditor

    Mar 2001 - Apr 2003
• 

  Ristco (PTY) Ltd

  Feb 2015 - now

  CEO / Owner Consultant

  I optimise client value via the strategic correlation of risk, strategy, governance and performance management by addressing specific building blocks required to achieve the above.My consultation services include:- Climate change and sustainability- Ethics- Strategy- Entity (risk) strategy and associated risk governance management. Risk based environmental analysis to enhance the risk identification and associated management processes. - Risk integration with the strategic and operational processes.- Design and optimisation of an enterprise risk management in support of objectives. - Chief Risk Officer services.- Implementation / optimisation of an information security / risk program. Chief Information Security / Risk Officer services. - Risk appetite, tolerance and risk bearing capacity. - Recovery and resolution processes.- Business continuity and crisis management.- Key indicator management framework.- Risk loss event management.- Aggregated interpretive risk management reporting. - Design of a risk oversight program – inclusive of risk management plans and remediation tracking.- Risk scenario management.- Integration and alignment of risk in management processes. - Corporate governance – King IV alignment assessments.- Risk maturity assessment and management. - Project risk management.- Merger / acquisition / start-up due diligence / integration / implementation.- Top management risk awareness briefings. Risk training strategy development and implementation. - New product approval assessment and reviews / facilitation.- Basel Operational Risk services.- Combined assurance.- Board / Executive management and individual risk / governance / strategy training. I provide training on enterprise risk management and related aspects, amongst others as a Certified ISO 31000 Senior Risk Lead Manager and a Certified Trainer. Contact detail: Mobile +27 83 233 4630 or johan.opperman@ristco.co.za. Show less