Paul Macharia

Paul is an Audit, Risk, Compliance & Project Management professional with over 11 year’s progressive work experience. Some of the organizations he has served in senior positions are KPMG, PWC, Liberty Kenya Holdings and Haco industries Kenya Ltd.

His Specific expertise and experience is in Group Internal Audit, Risk and Compliance, Information Risk Management, Data Analytics for Business System Controls, Data Migration Reviews, Information Security Requirements Review, Project Assurance, IT Audits, and Revenue Assurance. While at KPMG & PwC, he served clients across Sub-Saharan Africa in industries ranging from financial services, Consumer & Industrial markets, Energy and Natural Resources.

Some of the clients for whom He conducted system audits, compliance reviews and project assurance includes Standard Chartered Bank – SSC East, Housing Finance, Central bank of Kenya, NIC Group Limited, Citibank Tanzania Limited, Development Bank of Kenya, ICDC, I & M Bank Kenya Limited, Habib Bank AG Zurich, Habib Bank Kenya Limited, East Africa Breweries Limited, Serengeti Breweries Tanzania Ltd, Tanzania National Electricity Supply Company (TANESCO), Total Tanzania Limited, Libya Oil Kenya Limited, National Oil Corporation of Kenya amongst others.

He has also worked as a Corporate Risk Manager and ERP Project Manager responsible for carrying out technology compliance reviews and project assurance roles at one of the leading manufacturers in Kenya.

While working at Rigor Systems Limited, he has led teams to deliver assignments for M Oriental Bank Ltd, and Bank of India. These assignments range from Information Risk Management in External Audit, to compliance to CBK Guidelines & notes on Risk Management, Business Continuity and Cybersecurity.

He graduated from the University of Greenwich with a Master of Science in Computing (Data Warehousing and Data Mining) in 2005. He is a holder of the Fellow, Association of Chartered Certified Accountants (ACCA) qualification, Certified Internal Auditor (CIA) certification from the Institute of Internal Auditors (IIA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) certifications from the Information Systems Audit and Control Association (ISACA). He is also a Gold member of both internal and local chapters of Information Systems Audit and Control Association (ISACA).