Darren Booth
National Head of Cyber Security and Privacy Risk

Darren is a Director and the National Head of Cyber Security and Privacy Risk Services in Melbourne.

Darren has delivered security and privacy assessments across multiple countries for large multinational corporations, and locally for Australian based organisations in both the public and private sectors across all industries.

"I enjoy translating cyber security risks into business language, combining my deep technology risk knowledge with high-impact communications to c-suite and board levels."

He has worked on an extensive range of technology risk management projects including technical security assessments, governance and strategy, data privacy, third-party risk, cloud security assessments and risk strategy, cybersecurity, and much more. 

Darren is also currently supporting the Consumer Data Right (CDR) accreditation for Open Banking and Open Energy applicants seeking unrestricted, sponsor/affiliate, or principal/representative agent access.

Residing in a little beach town in Mornington Peninsula, Darren loves spending his free time with his family and five children.

Prior to joining RSM, Darren worked for a global internal audit and risk consulting firm for over 12 years in London and Melbourne, where he led the Melbourne office’s IT internal audit, technology risk, and data analytics solutions.

Darren Booth is a Partner of RSM Australia Partners and a Director of RSM Australia Pty Ltd.

SIGNIFICANT PROJECTS

  • RSM Australia recently completed the first CDR information security accreditation for a FinTech (non-ADI Open Banking) and Darren was the lead assurance practitioner for the independent assurance report (ASAE 3150). This involved assessing the design and implementation of controls for Part 1 and Part 2 of Schedule 2 in the CDR Rules.

  • Led the General Data Protection Regulation (GDPR) and Australian Privacy Principles implementation project for an Australian headquartered international cosmetics retailer. The engagement was subsequently expanded to include a new POS risk assessment and a Payment Card Industry Data Security Standard (PCI DSS) advisory project.
  • Performed a cyber security assessment of a diverse conglomerate, benchmarking against a matrix framework based on ISO27001, NIST Cyber Security Framework, Australian Government Essential Eight, and Centre for Internet Security (CIS) Top 18 Critical Security Controls
  • Assessed the secure configuration of a Microsoft Azure and Amazon Web Services (AWS) multi-cloud environment, using the Cloud Security Alliance (CSA) guidance, CIS Benchmarks, and AWS Security Best Practices and Well Architected Framework.
  • Spearheaded a vulnerability assessment and CREST accredited penetration test at a financial services organisation to assist with CPS 234 compliance.
  • Evaluated compliance against the Victorian Protective Data Security Standard (VPDSS) and the Australian Government Information Security Manual (ISM), and developed a roadmap to compliance based on gaps identified and remediation of quick wins.

ASSOCIATIONS

  • Professional Member of the Institute of Internal Auditors (IIA)
  • Member of the Information Systems Audit and Control Association (ISACA)

QUALIFICATIONS

  • Certified Information Systems Auditor (CISA)
  • Certified Internal Auditor (CIA)
  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Internal Audit Quality Assessment Reviewer
  • Masters of Engineering and Management (University of Manchester)

Services

Cloud Security

Cloud Security, Configurations and Benchmarking
Darren Booth

Vulnerability Assessments and Penetration Testing
Information and Cyber Security Risk

Security Frameworks, Governance, Risk, and Compliance
Security Transformation

Security Transformation
Forensic Technology

Forensic Technology
Security & Privacy Services

Security & Privacy Services

Sectors

Energy and resources

Energy and resources
Government

Government
Darren Booth

Health

Articles & Insights

Why are so many genuine NDIS providers doing it tough?
Consumer Data RightCustomer Data Right | Information security accreditation
Read more >
Why are so many genuine NDIS providers doing it tough?
Darren Booth
Navigating the incoming changes impacting NDIS and disability service organisations | Melbourne & Sydney
Past Events at RSM
Read more >
Navigating the incoming changes impacting NDIS and disability service organisations | Melbourne & Sydney
Darren Booth
The definitive guide to CDR access
Cyber Security & Resilience ServicesCloud SecurityInformation and Cyber Security RiskCustomer Data Right | Information security accreditation
Read more >
The definitive guide to CDR access
The definitive guide to CDR access
Boundaries of the CDR Data Environment
Consumer Data RightRisk Advisory insightsRisk Advisory ServicesCustomer Data Right | Information security accreditation
Read more >
Boundaries of the CDR Data Environment
Boundaries of the CDR Data Environment
IT due diligence, a must in today’s cybersecurity landscape for any merger or acquisition
Information Technology AuditDue Diligence
Read more >
IT due diligence, a must in today’s cybersecurity landscape for any merger or acquisition
Darren Booth
Cyber security and IT for small business - with guest speaker Darren Booth | talkBIG podcast | Season 2 Episode 8
talkBIG PodcastINSIGHTS - Updates for small to medium businesses
Read more >
Cyber security and IT for small business - with guest speaker Darren Booth | talkBIG podcast | Season 2 Episode 8
Cyber security and IT for small business – with guest Darren Booth
Case Study: Verifier
Case Studies
Risk Advisory - Case Studies
Read more>
Darren Booth