Expertise Credentials Projects Blog Collaborate Contact Get in Touch ↗

Digital Security
& Governance, Risk Professional.

Turning complex regulatory risk into competitive advantage for organisations that can't afford to fail. 13+ years building enterprise-grade GRC frameworks across banking, manufacturing and education.

Hire Me ↗ Collaborate Download CV
Md Fahmid Wasif
Available
Md Fahmid Wasif
Digital Security & GRC Professional
MPS Candidate — University of Auckland
13+
Years GRC Experience
4
Help Organization with ISO
GRC ISO 27001 AI Governance BCP/DR Auckland, NZ
Auckland, New Zealand
40+
Regulatory audits led
85%
RTO reduction achieved
$500K
Annual downtime prevented
99%
CMDB accuracy (from 75%)
60%
Audit observations reduced YoY
Core Expertise

What I bring to your
organisation.

🛡
Governance & Compliance
ISO 27001/42001, PCI DSS, NIST CSF, ITIL v3/v4. Sustained 100% satisfactory compliance rating across 40+ regulatory reviews at a major commercial bank.
Enterprise Risk Management
Built IT Risk Frameworks identifying 25+ enterprise risks. KRI monitoring prevented 12 critical incidents annually — saving $500K+ in downtime costs.
🔄
Business Continuity & DR
Architected BCP protecting $2B+ in assets. Reduced RTO from 5 hours to 45 minutes. 95% success rate across 60+ critical application DR tests.
🤖
AI Governance
ISO/IEC 42001 Lead Auditor — formal AI governance credentials. Integrating AI risk into GRC frameworks aligned with OECD & G7 AI Principles.
IT Service Management
Led ManageEngine ITSM for 9,500+ employees. Reduced ticket resolution by 35%, improved user satisfaction from 3.2 to 4.5/5.
Cloud & Infrastructure Security
Azure Administrator, Oracle Cloud AI & Data Science Professional. Cloud governance with 99.7% uptime SLAs across multi-facility networks.
ISO/IEC 42001 ISO/IEC 27001 ISO 20000 ISO 9001 NIST CSF PCI DSS ITIL v3/v4 ServiceNow ManageEngine Microsoft Azure Oracle Cloud Fortinet NSE4 CMDB BCP/DR Design Risk Register Vulnerability Assessment Active Directory Microsoft 365
Credentials

Certified across
security & governance.

🤖
ISO/IEC 42001 Lead Auditor
AI Management System · Mastermind
🔒
ISO/IEC 27001 Lead Auditor
Information Security Management · Mastermind
🗡
Certified Ethical Hacker (CEH)
EC-Council
🛡
Certified in Cybersecurity (CC)
ISC²
OCI 2025 Generative AI Professional
Oracle Cloud Infrastructure
📊
OCI 2023 Data Science Professional
Oracle Cloud Infrastructure
🔵
Azure Administrator Associate
Microsoft Certified
🔥
NSE 4 Network Security Professional
Fortinet
🎓
MPS — Digital Security (in progress)
University of Auckland · Expected June 2026
🏛
Professional Affiliations
Member — Institute of Internal Auditors New Zealand · Associate Member — IT Professionals New Zealand
Open Source & Projects

Things I've built
& contributed to.

🛡️ View on GitHub
GRC Automation Toolkit
A collection of scripts and templates to automate common GRC tasks — risk register generation, control mapping, and audit evidence collection.
Python ISO 27001 GRC
🤖 View on GitHub
AI Governance Framework Analyser
Tool to compare and map AI governance frameworks (ISO 42001, OECD AI Principles, G7 Code of Conduct) against an organisation's existing controls.
Python AI Governance ISO 42001
📊 View on GitHub
BCP/DR Dashboard
Interactive dashboard for tracking Business Continuity and Disaster Recovery test results, RTO/RPO metrics, and critical application recovery status.
JavaScript BCP/DR ITSM
🔍 View on GitHub
Vulnerability Assessment Reporter
Generates structured vulnerability assessment reports from scan outputs, maps findings to CVSS scores, and prioritises remediation by business impact.
Python Cybersecurity Risk
📋 View on GitHub
CMDB Accuracy Auditor
Script-based tool for auditing Configuration Management Database accuracy. Compares CMDB records against live infrastructure scans to identify drift.
Python ITSM CMDB
📰 View on GitHub
Personal Portfolio CMS
This website's own CMS — a lightweight PHP + JSON content management system with no database dependency. Manage blog posts, page content, and media.
PHP JavaScript CMS
Latest Writing

Insights on security,
governance & AI.

Business Continuity
Cutting RTO from 5 Hours to 45 Minutes: What the Textbooks Don't Tell You
Fewer One in three organisations can recover from even a small crisis within a week. Here is how Bank DR redesign cut recovery time by 85% across 187 branches and what actually drove the improvement.
Jun 5, 2026 Read more →
AI Governance
What I Learned Building an Enterprise AI Governance Framework from Scratch
In 2023, AI tools were live at a leading Bank with no place in the risk register. Here is what eighteen months of building an enterprise AI governance programme from nothing actually taught me.
Jun 1, 2026 Read more →
GRC
How to Cut Critical Audit Observations by 60%
Only 29% of organisations say their compliance programmes consistently meet standards. Over three years and 20+ audits at Bank, we reduced critical observations by 60% YoY.
May 23, 2026 Read more →
View All Articles ↗
How I Can Help

For employers &
collaborators alike.

🌏
For Employers Worldwide
Seeking a senior GRC, IT Governance, or Digital Security role with forward-thinking organisations globally.
  • Head of GRC / IT Risk & Compliance
  • Chief Information Security Officer (CISO)
  • Senior Information Security Manager
  • IT Governance Lead / Director
  • Cybersecurity Governance Specialist
  • Business Continuity & DR Manager
  • AI Governance & Risk Advisor
  • Digital Risk & Regulatory Consultant
  • Data Governance Program Lead
  • Enterprise Risk Manager
Contact Me ↗
🤖
Collaborative Projects
Open to research, consulting, and academic collaboration in AI-powered governance and security.
  • AI Agents for GRC & Compliance Automation
  • AI-powered Audit Intelligence & Risk Detection
  • AI Governance Framework Design (ISO 42001)
  • Automated Security Policy Generation & Review
  • AI-driven Vulnerability Assessment Tools
  • Cybersecurity policy development & research
  • Digital security academic papers & publications
  • Startup / SME security advisory & mentoring
Let's Collaborate ↗
Get in Touch

Ready to make
governance work for you.

Whether you're hiring for a senior GRC role, exploring a research partnership, or need advisory expertise — I'd love to hear from you.

me@fahmid-wasif.info
Primary — best for professional enquiries
 📞
+64 27 522 9870
Auckland, New Zealand
 in
www.linkedin.com/in/md-fahmid-wasif/
Connect professionally
Currently Available
Based in Auckland, NZ with full work rights. Open to full-time permanent roles, contract engagements, and collaborative project work globally. Also available for remote engagements.

Completing a Master of Professional Studies in Digital Security at the University of Auckland (expected June 2026).
Education
MPS — Digital Security
University of Auckland · 2025 – June 2026
MBA — Finance
BRAC University · 2014 – 2016
BSc — Electrical & Electronic Engineering
BRAC University · 2008 – 2012