As an auditor, I have developed a reputation that attests that I know what I am doing, my views are factual and unbiased; and my fundamental key to the success of every audit engagement is the reputation for objectivity.
About Eric Odae
I am a professional Governance, Risk and Compliance (GRC) practitioner, enthusiastic about data privacy, cyber and information security, with a focus on the implementation, maintenance, and auditing of privacy and information security management systems based on ISO/IEC 27001 and ISO/IEC 27701.
My passion for computers and information technology started after my secondary education at Mfantsipim School, which happens to be the oldest secondary school in Ghana, in 1997. After that, I attended IPMC, where I graduated with a diploma in Information Technology, in 2000. In 2001, I had an opportunity to work with an IT firm that was a reseller and distributor for Dr. Solomon’s Antivirus (now McAfee) and other endpoint security solutions.
I began as an AV installer and support specialist and later had multiple trainings in various McAfee products (both software and hardware). I was one of the first few people globally to be certified by McAfee as a Product Specialist (ePO Certification) in the early 2000s.
By 2004, I had deployed multiple McAfee security solutions for over 95% of the companies that formed the elite Ghana Club 100. My greatest achievement during that period was being able to remotely deploy and centrally manage from a single console McAfee endpoint security solution on approximately 20,000 nodes across a Pan African bank with over 55 affiliates in Africa, Europe, and the Middle East.
Since then, I have worked solely in cyber and information security and its related domains, both as a trainer and consultant. The practical experience gained from work permitted me to provide students with personal, hands-on practical information in addition to the textbook theory.
In 2008, I graduated from the Pentecost University College (now Pentecost University) with a BSc in Information Technology awarded by the University of Ghana. I received my first certification in Ethical Hacking (CEH v7) in 2013. In 2014, I attained my Certified Information Systems Auditor (CISA). Later, I attained a postgraduate certificate in IT Law from the Wisconsin University College, Ghana, in 2015.
I am an IT Auditor and an ISMS Auditor with 10+ years of unique and diverse working experience and technology skills. Proven expertise in creating and managing enterprise audit and compliance programs, Cyber/Information security strategies and initiatives.
Additionally, since 2015, I have been the CEO/Founder of IT Governance and Standards Consult, a GRC and cyber security firm. I am a professional team player whose expertise also includes designing, implementing, and training in different disciplines related to governance, risk management and compliance.
As the CEO of IT Governance and Standards Consult and an MSECB auditor, I always champion the audit of Information Security and Business Continuity Management Systems. Due to my experience and the knowledge gained, I have successfully consulted and audited several industries and institutions in banking, financial technology (fintech), manufacturing, hospitality, insurance, and government institutions both in Ghana and abroad.
Currently, I am pursuing a graduate study in Digital Forensic from the EC-Council University.
About the experience in auditing
Despite my years of experience as an auditor, I see every audit engagement as a learning curve. Every day I seek to learn something new, and I usually succeed. For me, any opportunity I get to expand my skills and knowledge is a huge success. Auditing is a great opportunity for learning.
As an auditor, any new audit engagement I get involved with is an avenue to broaden my horizons by learning some incredible things from the people I am auditing. I always approach every audit engagement with a very flexible and cooperative mindset.
As a curious auditor, it is always exciting to have a new process explained to me. If there is a flaw in the process, then it becomes an opportunity. All my audit engagements have been approached with positives as my focus. But nevertheless, if there are any types of nonconformities, they will be written and written accurately as it is.
‘Begin each and every audit with a fair and transparent mindset, and you will naturally produce excellent results.’ – I always put myself in a learning frame of mind before every single audit. I also try to engage with other auditors to observe and learn from them where possible.
The most challenging thing is to maintain a state of mental focus for multiple hours. It can be exhausting. In my opinion, being physically fit is the best way to enable the needed level of focus.
Eric’s experience with MSECB
My experience with MSECB has been an awesome journey. To me MSECB is the certification body of choice. As a world acclaim provider of audit and certification services, MSECB has offered me enough expertise on multiple management standards, including but not limited to Information Security, Quality Management, Business Continuity, and Data Privacy.
My decision of partnering with MSECB was as a result of a proven track record of providing the knowledge, experience, and skills needed to perform as a professional auditor and trainer.
Choosing a certification body to partner and conduct audits on their behalf, was very vital decision, as I needed a certification body, I shared the same values with. This was evident in MSECB.
After several years of conducting audit activities on behalf of MSECB, I can confidently state that MSECB certified organizations have found themselves part of the most successful markets around the world by embracing a continually improving culture.
I spend most of my working hours either as a certified auditor for MSECB or as a consultant both nationally and internationally on GRC and cyber security matters. My career has always been a source of inspiration to look for what is different, unique, and to create a niche for myself either as an auditor, trainer, or consultant.
MSECB Auditor Profile
In 2016, Eric Odae joined the MSECB Network of Auditors, and since then he has led ISO/IEC 27001 audits for many organizations of different fields and sizes. By being keen on details and knowing the right questions that need to be asked, he has shown clients that the journey towards certification is just as important as the end result.
We are honored to have him as part of our team!
Become an Auditor
Build endless connections and professional networks by joining our team of over 500 MSECB Auditors.
We welcome you on board!