Expertise Credentials Projects Blog Collaborate Contact Get in Touch ↗

Digital Security
& Governance, Risk Professional.

Turning complex regulatory risk into competitive advantage for organisations that can't afford to fail. 13+ years building enterprise-grade GRC frameworks across banking, manufacturing and education.

Hire Me ↗ Collaborate Download CV
Md Fahmid Wasif
Available
Md Fahmid Wasif
Digital Security & GRC Professional
MPS Candidate — University of Auckland
13+
Years GRC Experience
100%
Audit Pass Rate
GRC ISO 27001 AI Governance BCP/DR Auckland, NZ
Auckland, New Zealand
40+
Regulatory audits led
85%
RTO reduction achieved
$500K
Annual downtime prevented
99%
CMDB accuracy (from 75%)
60%
Audit observations reduced YoY
Core Expertise

What I bring to your
organisation.

🛡
Governance & Compliance
ISO 27001/42001, PCI DSS, NIST CSF, ITIL v3/v4. Sustained 100% satisfactory compliance rating across 40+ regulatory reviews at a major commercial bank.
Enterprise Risk Management
Built IT Risk Frameworks identifying 25+ enterprise risks. KRI monitoring prevented 12 critical incidents annually — saving $500K+ in downtime costs.
🔄
Business Continuity & DR
Architected BCP protecting $2B+ in assets. Reduced RTO from 5 hours to 45 minutes. 95% success rate across 60+ critical application DR tests.
🤖
AI Governance
ISO/IEC 42001 Lead Auditor — formal AI governance credentials. Integrating AI risk into GRC frameworks aligned with OECD & G7 AI Principles.
IT Service Management
Led ManageEngine ITSM for 9,500+ employees. Reduced ticket resolution by 35%, improved user satisfaction from 3.2 to 4.5/5.
Cloud & Infrastructure Security
Azure Administrator, Oracle Cloud AI & Data Science Professional. Cloud governance with 99.7% uptime SLAs across multi-facility networks.
ISO/IEC 42001 ISO/IEC 27001 ISO 20000 ISO 9001 NIST CSF PCI DSS ITIL v3/v4 ServiceNow ManageEngine Microsoft Azure Oracle Cloud Fortinet NSE4 CMDB BCP/DR Design Risk Register Vulnerability Assessment Active Directory Microsoft 365
Credentials

Certified across
security & governance.

🤖
ISO/IEC 42001 Lead Auditor
AI Management System · Mastermind
🔒
ISO/IEC 27001 Lead Auditor
Information Security Management · Mastermind
🗡
Certified Ethical Hacker (CEH)
EC-Council
🛡
Certified in Cybersecurity (CC)
ISC²
OCI 2025 Generative AI Professional
Oracle Cloud Infrastructure
📊
OCI 2023 Data Science Professional
Oracle Cloud Infrastructure
🔵
Azure Administrator Associate
Microsoft Certified
🔥
NSE 4 Network Security Professional
Fortinet
🎓
MPS — Digital Security (in progress)
University of Auckland · Expected June 2026
🏛
Professional Affiliations
Member — Institute of Internal Auditors New Zealand · Member — ISACA
Open Source & Projects

Things I've built
& contributed to.

🛡️ View on GitHub
GRC Automation Toolkit
A collection of scripts and templates to automate common GRC tasks — risk register generation, control mapping, and audit evidence collection.
Python ISO 27001 GRC
🤖 View on GitHub
AI Governance Framework Analyser
Tool to compare and map AI governance frameworks (ISO 42001, OECD AI Principles, G7 Code of Conduct) against an organisation's existing controls.
Python AI Governance ISO 42001
📊 View on GitHub
BCP/DR Dashboard
Interactive dashboard for tracking Business Continuity and Disaster Recovery test results, RTO/RPO metrics, and critical application recovery status.
JavaScript BCP/DR ITSM
🔍 View on GitHub
Vulnerability Assessment Reporter
Generates structured vulnerability assessment reports from scan outputs, maps findings to CVSS scores, and prioritises remediation by business impact.
Python Cybersecurity Risk
📋 View on GitHub
CMDB Accuracy Auditor
Script-based tool for auditing Configuration Management Database accuracy. Compares CMDB records against live infrastructure scans to identify drift.
Python ITSM CMDB
📰 View on GitHub
Personal Portfolio CMS
This website's own CMS — a lightweight PHP + JSON content management system with no database dependency. Manage blog posts, page content, and media.
PHP JavaScript CMS
Latest Writing

Insights on security,
governance & AI.

GRC
IT Governance for Small Organizations: Why It Matters More Than You Think
IT governance isn't just for large enterprises. Small organisations in NZ face the same risks — just with fewer people to absorb the impact. Here's what matters, what to use, and what to avoid.
Feb 28, 2026 Read more →
Data Governance
Part 3 of 3: Scaling to Maturity — How to Make Data Governance Self-Sustaining
You have policies, stewards, and quality metrics. Now the real question: how do you make governance self-sustaining? This final part covers automation, AI readiness, KPIs, and what mature looks like i
Feb 18, 2026 Read more →
Data Governance
Part 2 of 3: Operationalising Data Governance — From Paper Policies to Daily Practice
You've mapped your data and assigned owners. Now comes the harder part — making governance stick. Here's how to build policies, data quality controls, and stewardship workflows that actually get used.
Feb 12, 2026 Read more →
Data Governance
Part 1 of 3: Data Governance from Scratch — How to Build the Foundation Your Organisation Actually Needs
Most organisations know they should govern their data — few know where to start. Here's a practical, NZ-focused guide to building your data governance foundation from scratch.
Feb 2, 2026 Read more →
View All Articles ↗
How I Can Help

For employers &
collaborators alike.

🌏
For Employers Worldwide
Seeking a senior GRC, IT Governance, or Digital Security role with forward-thinking organisations globally.
  • Head of GRC / IT Risk & Compliance
  • Chief Information Security Officer (CISO)
  • Senior Information Security Manager
  • IT Governance Lead / Director
  • Cybersecurity Governance Specialist
  • Business Continuity & DR Manager
  • AI Governance & Risk Advisor
  • Digital Risk & Regulatory Consultant
  • Data Governance Program Lead
  • Enterprise Risk Manager
Contact Me ↗
🤖
Collaborative Projects
Open to research, consulting, and academic collaboration in AI-powered governance and security.
  • AI Agents for GRC & Compliance Automation
  • AI-powered Audit Intelligence & Risk Detection
  • AI Governance Framework Design (ISO 42001)
  • Automated Security Policy Generation & Review
  • AI-driven Vulnerability Assessment Tools
  • Cybersecurity policy development & research
  • Digital security academic papers & publications
  • Startup / SME security advisory & mentoring
Let's Collaborate ↗
Get in Touch

Ready to make
governance work for you.

Whether you're hiring for a senior GRC role, exploring a research partnership, or need advisory expertise — I'd love to hear from you.

me@fahmid-wasif.info
Primary — best for professional enquiries
 📞
+64 27 522 9870
Auckland, New Zealand
 in
www.linkedin.com/in/fahmid-wasif/
Connect professionally
Currently Available
Based in Auckland, NZ with full work rights. Open to full-time permanent roles, contract engagements, and collaborative project work globally. Also available for remote engagements.

Completing a Master of Professional Studies in Digital Security at the University of Auckland (expected June 2026).
Education
MPS — Digital Security
University of Auckland · 2025 – June 2026
MBA — Finance
BRAC University · 2014 – 2016
BSc — Electrical & Electronic Engineering
BRAC University · 2008 – 2012