Ervin Jocson

Partner – Risk Assurance, PwC

Ervin is a Partner with over 17 years of international experience in business and IT consulting, implementation, risk management and assurance. He specialises in ‘Digital Trust’ bringing together the various technology risk domains – cyber, big data, business process and controls, project/programme and third-party outsourcing.

Prior to relocating  to Singapore, he was based in the UK and EMEA working with various mutlinational organisations on tech risk and cyber protection initiatives.

He has held the role of head of Global IT Internal Audit for UK Plc’s such as Informa and Seadrill, and advised boards, audit committees and CIO/CSIO’s on proactive Digital Trust and IT transformation risks and opportunities.

Ervin was also the CTO for a major UK Utilities company, leading their technology strategy /architecture and CNI Security programme.

He has led GRC solution alliances with all leading Gartner Magic Quadrant solutions providers (Openpages, RSA Archer, Metricstream, Teammate, Bwise, SAP, Oracle, Cura).

Specialist Domains:

  • Technology Risk Management
  • Cyber Security Assessment and Penetration Testing
  • Enterprise and Technical architecture
  • Cloud and virtualisation, convergence security and DRP
  • IT Strategy and Innovation
  • IT Controls and Policy Development
  • IT Project and Programme Risk Management
  • Commercial and Outsourcing Risk Management

Education and qualifications:

  • Bachelor of Science and Comerce– Information Systems (University of Melbourne)
  • CoBIT 5.0, TOGAF, eTOM, Six-Sigma, Prince2. ITIL

Sample Tech Risk and Cyber engagements

  • SingTel Cyber Security Institute: Lead corporate and exco trainer for PwC Cyber simulation.
  • Various Singapore List Co: Led the cyber security review and assessment over cross-sector (FS, FMCG, Hospitality, Telco) companies, reporting to ListCo boards and audit committees.
  • UK Utilities CNI: As CTO led the cyber security strategy and review for a utility company – covering SCADA, operations, customer contact, treatment, logistics.
  • UK Global Telco: Led the security and controls review for acquired German OpCo.
  • Enterprise IT and Architecture Review: Led the risk review of a global Australian bank’s Singapore operations to identify points of compromise & failure and design remediation plan to comply with MAS 644 regulatory requirements.
  • IT Due Diligence: Led operational and security assessments pre and post deal ( cyber posture, network penetration, access controls, DR/BCP)
  • ITDD and Post merger integration:
  • Australia’s largest Telco and its full acquisition ($600m) of a managed services and application development company.
  • ITDD and carve-out strategy for various industry plays (Banking, Telco, Pharma, Healthcare, Media).
  • Led the PE IT DD over a Vietnam based bank.
  • Stream lead for post deal integration programme for a UK based bank – involving transition of IT assets, decommission/migration of core banking platform and upstream systems.


Stay in the loop with MoneyLIVE

Subscribe to our newsletter to receive news, insights and special offers.