Our People


Riaan is a security and privacy specialist working with the Risk Advisory team in Perth. 

With extensive experience in both the local and international markets and expertise across a range of industries, Riaan provides  IT audit, cyber security, data analytics and risk management at both RSM Australia and other prominent consulting and international corporate organisations.

He is a trusted advisor to many medium and large organisations to supply practical cyber security, technology risk and assurance consulting services.

“Having experience across various industries of both private and public companies performing various cyber, IT and security engagements, consulting and advisory services for more than 20 years, I thrive on helping organisations achieve their governance goals, improve their security posture and implement better and practical control frameworks that are fit for purpose and practical.”

When Riaan’s brain is not spinning a million-miles-an-hour with practical and innovative ideas you can find him having a barbeque with family and friends, camping, four wheel driving, watching sport and basically any activity that gets him outdoors.  Riaan provides  IT audit, cyber security, data analytics and risk management at both RSM Australia and other prominent consulting and international corporate organisations.

Solutions Riaan provides 

  • Cyber security
  • IT audit
  • Internal & project audit
  • IT Risk management & governance services
  • Data analytics

Significant projects

  • Performed and managed various Cyber Security reviews, Cyber Strategy development, Business Continuity, Disaster Recovery, Incident Response, Cyber Resilience reviews, Security gap analysis and specialised security engagements for various medium to large organisations in various industries based on NIST, COBIT, ISO and other relevant industry standards and frameworks
  • Developing and implementing strategies and frameworks including governance, risk, IT security, assurance (IT & Project Audit), policy, project management, process modeling, change management, software development and enterprise architecture and Information Management Systems in various medium to large organisations in various industries
  • Embedded data analytics into internal audit programmes and transformed internal audit functions using traditional internal audit techniques to continuous monitoring through data analytics.
  • Provided assurance for various large and complex business projects including national, international consolidation and migration of key financial, operational and legacy systems from various providers, technology and infrastructure platforms for various industries.


  • Information Systems Audit and Control Association (ISACA)
  • The International Information System Security Certification Consortium (ISC)2
  • Australian Information Security Association (AISA)


  • Certified Information Systems Security Professional (CISSP®) 
  •  Certified Information Systems Auditor (CISA)
  •  Certified Information Security Manager (CISM)
  •  Certified in Risk and Information Systems Control (CRISC)
  •  Certified in the Governance of Enterprise IT (CGEIT)
  •  ISO/IEC 2700 Practitioner
  •  Certified Process Professional (CPP)
  •  Certified Enterprise Architect
  • Certificates in Prince2, Agile PM, COBIT, ITIL, ACL

CPS 234 – Tripartite Audit

12 December 2022
RSM is one of those few organisations that are uniquely qualified to perform the audit and report in line with the ASAE 3150 standards required by APRA. What is the CPS 234 Tripartite Audit? The CPS 234 Tripartite Audit is a one-off audit requested by APRA in response to an increasing number of cyber incidents and data breaches reported to ...

thinkBIG report: Cyber security

27 June 2022
Just because your business is small, doesn’t mean it’s safe from cyber attack. In fact, a cyber criminal may target small businesses because they’re less likely to have sophisticated cyber defences. Read about what you can do to ensure your business is cyber secure.  ...

Technology Due Diligence

10 May 2022
For private equity and corporate acquirers, identifying and assessing technology that can affect capital allocation and growth potential is critical during the diligence process. Technology risks can consume significant post deal investment or impair long term revenue gains. On the buy side of a deal, this information can validate the asking pri...

Risk Insider Newsletter - Edition #11

14 March 2022
We hope that this edition of the Risk Insider finds you well. The current circumstances that we are faced with are unprecedented and devastating. We want to take this opportunity to extend our support to any businesses that have been affected during this time

Protect the future of your business with security certification

2 December 2021
Cybersecurity is a real risk and one that needs to be considered and managed effectively in order to protect the future of your business.  Every business faces cyber threats, both internally and externally, regardless of the industry they operate in.  Just as cyber threats evolve over time, cybersecurity must evolve with it. This...

Risk Insider Newsletter - Edition #9

31 August 2021
Cybersecurity and data privacy issues continue to make headlines, and the risks surrounding them are only increasing. The demands on chief information security officers and chief technology officers expand as data moves from in-house systems to cloud computing, mobile devices, remote work setups, and new technologies including artificial intelligence and robotic process automation.

Why public entities and non-profits need to step up cyber security

19 July 2021
As the past few years have shown, no organisation is exempt from the dangerous and malicious actions of criminal cyber entities.  In 2020 alone we saw several state government departments and large not-for-profit organisations become the subject of major attacks, with highly confidential data placed at risk or stolen.   With this in...

Cyber security concerns for businesses

7 July 2021
Technology has brought many advantages to the way we work – from helping us be more efficient, to providing a suite of new ways to serve customers. However, every upside must have a downside. For technology, it’s cyberattacks and threats from disgruntled insiders or external hackers who make a living stealing personal data and leveraging it ...

Risk Insider Newsletter - Edition #7

1 March 2021
As cybersecurity continues to affect the bottom line of many companies, the need to continually assess and improve your security posture is paramount. As cybersecurity threats and data security events continue to evolve, understanding the costs and resources necessary to respond to a data breach is essential.

Have you considered your cyber security risk exposure?

15 February 2021
While it’s assumed that your business may have risk management practices in place to identify and manage various risks associated with the business environment, have you considered your cyber security risk exposure? Businesses face a range of threats, both internally and externally, which continue to evolve over time. Cyber security is a real ...

Home office security essentials and tax deductions during COVID-19

26 March 2020
To minimise the spread of COVID-19, businesses across the globe are hurrying to implement remote working for employees. For many, the opportunity to work from home may be an exciting novelty – offering the chance to avoid the daily commute and catch a few hours’ extra sleep in the morning and ditch the peak hour drive home.    B...