Stacey D'cruze
About Stacey D'cruze
Stacey D'cruze is the Associate Director of Technology Consulting (IT Risk) at Protiviti, with extensive experience in IT risk advisory and governance roles across various sectors.
Title and Current Role
Stacey D'cruze is currently serving as the Associate Director for Technology Consulting (IT Risk) at Protiviti. Starting in 2022, her role focuses on providing specialized IT risk consulting services, helping organizations manage and mitigate technology risks effectively.
Previous Roles at nbn™ Australia
Prior to her current role, Stacey held several significant positions at nbn™ Australia. She served as the Senior Manager for Product Operations & Governance from 2020 to 2022, and the Senior Manager for Business Strategy, Planning & Governance from 2019 to 2020. Earlier, she took on the roles of Manager for Group Internal Audit from 2018 to 2019 and Senior Analyst for Group Internal Audit from 2017 to 2018, all in Melbourne, Australia.
Career at RSM Australia, EY, and Grant Thornton
Stacey also brought her expertise in IT risk advisory to RSM Australia as an Audit Senior from 2016 to 2017 and contributed to EY as a Consultant in IT Risk Assurance from 2015 to 2016. Her early career includes a role at Grant Thornton Australia as a Consultant in Operational Advisory, where she worked from 2013 to 2015 in the Melbourne area, Australia.
Education Background
Stacey holds a Master of Business Administration (MBA) from Monash Business School and a Bachelor of Business in Accounting and Econometrics from Monash University, reflecting a strong foundation in business and analytical disciplines.
Expertise in IT Risk and Compliance
Stacey has demonstrated significant expertise in IT risk and compliance. She conducts Payment Card Industry Data Security Standard (PCI DSS) reviews to ensure the security of payment card data. Her work also includes developing Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP) to ensure organizational resilience. Furthermore, she performs Service Organisation reviews under standards ASAE3402/3150 and has a strong background in risk advisory, particularly in benchmarking and compliance with ISO 31000 standards.
Industry Experience
Throughout her career, Stacey has worked across a variety of sectors, including telecommunications, retail, education, government, and transport. This diverse experience gives her a broad understanding of industry-specific challenges and allows her to effectively tailor her risk advisory services to meet the unique needs of different sectors.