About Rizwan Ahmad
Dr. Rizwan Ahmad, Ph.D., is a seasoned cybersecurity professional boasting more than two decades of expertise. Currently serving as the Managing Director of Cianaa Technologies, he plays a pivotal role as a member of the New Zealand ISO standards for SC27, actively engaging in research contributions to ISO standards. Additionally, he represents New Zealand within the IT-030 Joint Standards Committee, a collaborative effort between Australia and New Zealand Standards.
Dr. Ahmad has previously held the position of CEO at the Cloud Security Alliance New Zealand Chapter, where he made significant contributions to the development of the Cloud Control Matrix. With 15 years of auditing experience, he possesses a wealth of knowledge to deliver evidence-based assessments. He holds ISO/IEC 27001 Senior Lead Auditor, ISO/IEC 27001 Lead Implementer, CSMA for ISO/IEC 27001 and ISO/IEC 27701, and PCI DSS QSA certificates.
About the experience in auditing
I possess significant experience performing cybersecurity audits for diverse entities, guaranteeing adherence to industry regulations and pinpointing weaknesses in their systems. Throughout an extensive career serving clients of the New Zealand Government, I have overseen and completed evaluations utilizing the New Zealand Government Risk Management Framework and NZISM version 3.7 Control Catalogs.
My proficiency involves evaluating network security, scrutinizing protocols and guidelines, and suggesting strategies to bolster security readiness. I am committed to aiding organizations in fortifying their defenses against cyber risks and safeguarding their critical assets. Additionally, I employ a unified approach to auditing by corroborating evidence from multiple origins to underpin fact-based reporting.
In the evolving landscape of our industry towards cloud services, mobile and wireless networks, social media, big data, AI, hyperscale data centers, and data protection regulations like GDPR and ISO/IEC 27701, my role as a cybersecurity auditor has involved me in the strategic investments of an organization as it navigates the complexities of ICT systems.
As an IT auditor, my responsibility is to assist clients in aligning their business with risk management methodologies and cybersecurity best practices, offering decision-making support at an executive level and operational guidance to stakeholders of Information Management Systems (ISMS) or Privacy Information Management Systems (PIMS).
Ultimately, the focus remains on upholding the confidentiality, integrity, and availability of information assets crucial for managing and assessing risk in alignment with overarching business goals.
A significant challenge in auditing lies in simplifying intricate information, such as ISO standards, to make it accessible to a wide range of stakeholders. Employing audit methodologies like ISO 19011 and ISO/IEC 17021, along with completing the CMSA training program, has been instrumental in meeting this challenge.
Rizwan's experience with MSECB
Throughout an extensive career and participation in numerous IT certification programs, I have recognized the significant value of collaborating with MSECB to leverage my audit qualifications, which encompass expertise in Information Security (ISO/IEC 27001:2022) and Privacy (ISO/IEC 27701). These certifications have elevated my status to that of a seasoned auditor.
MSECB’s personnel and resources are esteemed within the industry for their expertise in information security and privacy. This esteem is thoroughly justified. MSECB extends a range of services to independent auditors, including well-informed professional staff, online tools, complimentary CMSA training, and cutting-edge technologies for executing relevant ISO audits.
During each audit assignment, MSECB has furnished invaluable guidance and assistance in the preparation, reporting, and certification processes for an ISO audit. Their team of specialists consistently offers quality assurance support by scrutinizing reports, ensuring compliance with the applicable standards, and addressing matters related to non-conformity and certification.
Furthermore, MSECB facilitates connections with a network of auditors via social media platforms. This network has allowed me to establish a knowledge-sharing platform that supports the current and forthcoming standards (ISO/IEC 27001:2022). As our organization transitions to updated ISO standards, MSECB remains forward-thinking by supporting existing clients and presenting new audit prospects for professionals such as myself.
MSECB Auditor Profile
Rizwan Ahmad has been with MSECB since 2016 and has conducted numerous audits for ISO/IEC 27001:2022 and ISO/IEC 27701:2019.
He is a highly skilled professional with extensive experience, a strong educational background, and a passion for auditing.
His auditing expertise and dedication make him an invaluable asset in any organization, contributing to its success and growth.
We are honored to have him as part of MS Auditor’s Network!
Become an Auditor
Build endless connections and professional networks by joining our team of over 500 MSECB Auditors.
We welcome you on board!