DIR/CEO  Senior Consultant  IT Governance, Security  and Risk Management   

11/24, Melder Place, Nugegoda, Colombo, Sri Lanka

(    + 94 777372697   0112825177
*     This email address is being protected from spambots. You need JavaScript enabled to view it.   


Thilak Pathirageisan industry recognized professional in IT Governance, Assurance, Information Security and Risk Management having over 36 years of experience in banking and financialservices industry both in local and overseas. Heis apracticingITGovernanceandriskmanagementprofessionalwithextensiveexperienceinOperational RiskManagement,InformationSecurity,Informationriskmanagement,BusinesscontinuityManagement andInformationSystems Assurance& Audit for overtwo decades.Thegreatmajorityofhisexperience is in the banking and financial services industry,but covers also manufacturing and government.


He holds several global certificationsinIT Governance, IT Assurance, InformationSecurity and RiskManagement with soundbusinessmanagementbackground.Heis probably the first Sri Lankan to win, CISA, CISM, CRISC CGEIT, and CBCP certifications with such a business background in the Country.


Pathirage was a member of the senior management team of Seylan Bank PLC for 10 years and has been headed  Information System Audit, Information Security,  Operational RiskManagement (ORM), where created Information System audit Function, operational riskmanagement function,Information risk management function(oversee theInformation Risk Governance Officers role)andBusiness Continuity RiskManagementfunction.  While in the  Bank service, he has also been seconded to the CEO position ofCISSLtd, aspecialistinformationsecurityconsultancyarmof the Group of companies whichwas incorporated in 1992.


He started his careerinBankofCeylonand latermigratedtooverseastotakeupaposition in informationGovernance roleandjoinedSeylan in1997whereheintroducedandimplemented IT Governance,Assurance, Basel 2 basedOperationalRisk management policies/framework and programmes and InformationRiskGovernance Polices/frameworkandprogrammesincluding, ITRiskManagementandBusinessContinuity Managementfor thefirsttime in Seylan Bank.


He has being  conducting several consultancy engagements in many cooperate clients including Banks, finance companied, BPOs, software companies , Telcos etc. He also conducts publicworkshopson ITGovernance,RiskManagement,Business Continuity Operational Risk andinformationSecurity relatedtopicsforlastseveralyearsandhaswonthebestITSecurityTrainingAwardinyear2008,offered byISACASriLankaChapter.HeisavisitinglectureronInformationSecurityManagementat theUniversity OfColombo SchoolofComputing(UCSC)forseveralyearsandthefunderlecturer ofDISCProgramof ICASL. Heisalsoa publicspeakeratvariousnational&internationalforumsandseminars andhas published several presentations and research papers.


Pathirage wasa member ofICTA  (Information Technology Advisory Authority of Government of Si Lanka) eSecurity workinggroup in SriLankaand has chaired the Computer EmergencyReadinessTeam(CERT)subcommittee.HeisaFounderMemberand thePromoterofISACA SriLanka Chapterin1996andthefounderandthepresent Presidentofthe (Information System Security Association (ISSA)chapterSriLanka( He is also the Past VicePresident and CISA coordinatorfor several years.


Currently he is the DIR/CEO and the principal consultant of ITGRC Ltd. He is also attached to the visiting lecture panels of  both Colombo and Sri Jayawardenapura Universities on information security related topics.  He is a voluntary researcher of strategic management of IT Governance, Operational Risk Management InformationSecurityandOperational Risk,Information RiskManagementandEnterpriseRiskManagement in general. Healsohasbeenconductingseveral certificationprogrammes on CISA, CISM,CISSP and CRISC for the benefit ofthe new entrance tothe profession.



Professional Memberships

·            The Information Systems Audit & Control Association  (ISACA)- USA

·            The   Disaster Recovery Institution International- (DRII)– USA

·            The Information Systems & Security Association (ISSA)– USA

·            The International Information Systems Security Certification Consortium(CISSP) –ISC2 USA

·            Postgraduate Institute of Management of Sri Jayawardenapura (PIM)- Alumni Association

·            Institute of Bankers of Sri Lanka (IBSL)

·            Association of Professional Bankers of Sri Lanka(APBS)

·            Chartered Institute of Securities and Investment (CISI) London

·            Institute of Operational Risk Management (IOR) –UK

·            Member of Global Risk Community


To read his full profile:

Read More


Dr. KasunDr Kasun De Zoysa - Ph.D. in Computer Security , Licentiate of  Philosophy in Computer and System  Sciences B.Sc. Spl  in Computer Science (First Class     Honors)

Senior  Advisor- Information Security

11/24, Melder Place, Nugegoda, Colombo, Sri Lanka

(    +  94 773832923

*     This email address is being protected from spambots. You need JavaScript enabled to view it.

Dr Kasun  has extensive experiences in Information Security  management t, IT risk  management an d information security  consulting  for  over  15 years.  He is a  volunteer research scientist, Cyberspace Security Policy and  Research Institute, School of Engineering and Applied Sciences, George Washington University , USA an d he is a guest Researcher in Department of Computer an d System  Sciences, Stockholm  University ,  Sweden  since January 1999. He holds a PhD in Computer Security from  Stockholm  University , Sweden . After being graduating from  the University  of Colombo with a First Class Honor of BSc. Special Degree in Computer Science he obtained Licentiate of Philosophy  in Computer and System   Sciences from  the Stockholm  University , Sweden .

He has conducted several IS Security  seminars an d workshops an d p resented several research paper at several national and international forum s.  Presently  he is attached  to  University  o f Colombo School of Computing as a senior lecturer in information security .

Read his full profile:



Madams photoK. N. Rupasinghe

Director   Training and Education

11/24, Melder Place, Nugegoda, Colombo, Sri Lanka

(    + 94 772300268

*    This email address is being protected from spambots. You need JavaScript enabled to view it.    

BSc in Management (Hons) Sri  Jayawardarapura University, Diploma in Computer Systems Design from National Institute of Business Management )

Participated several international events and in Certified Training Programs on “Training of Trainers in information Technology” in West Germany, Japan and Malaysia. 

Training and Consultancy experience at the National Institute of Business Management over a period of seven years.

At the capacity of the Director of Information Technology at the Institute of Chartered Accountants, Planning, Coordinating, Designing and Developing Training Programs to members and students of the Institute of ICASL and stake holders on Information Security, Risk Management etc. 

Member of Computer Society of Sri Lanka and Australian Computer Society.



The Swirl logoTMis a trade mark of AXELOS Limited.
ITIL®is a registered trade mark of AXELOS Limited.
PRINCE2®is a Registered Trade Mark of AXELOS Limited.
COBIT®is a trademark of ISACA®registered in the United States and other countries.
CISM CRISC CGEIT CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2)