• Training page



Thilak Pathirage


DIRECTOR/ CEO  Senior Consultant  IT Governance, Security  and Risk Management   

(  +94 777 372697 / +94 (11) 2825177       *  This email address is being protected from spambots. You need JavaScript enabled to view it.   


Thilak Pathirage is an industry recognized professional in IT Governance, Assurance, Information Security and Risk Management having over 36 years of experience in banking and financial services industry both in local and overseas. He is a practicing IT Governance and risk management professional with extensive experiencin Operational Risk Management, Information Security, Information risk management, Business continuity Management and Information Systems Assurance & Audit for over two decades.The great majority of his experience is in the banking and financial services industry, but covers also manufacturing and government. He holds several global certificationin IT Governance, IT Assurance, Information Security and Risk Management with sound business management background. These include CISA, CISM, CRISC, CGEIT, and CBCP certifications.


Pathirage was a member of the senior management team of Seylan Bank PLC for 10 years and has been headed  Information System Audit, Information Security,  Operational Risk Management (ORM), where created Information System audit function, operational risk management function,Information risk management function (oversee the Information Risk Governance Officers role) and Business Continuity Risk Management function


He started his career in Bank of Ceylon and later migrated to overseas to take up a position in information governance role and joined Seylan in1997 where he introduced and implemented IT Governance, Assurance, Basel 2 based Operational Risk management policies/ framework and programmes and Information Risk Governance Polices/ framework and programmes including, IT Risk Management and Business Continuity Management for the first time in Seylan Bank.


He has being  conducting several consultancy engagements in many cooperate clients including Banks, finance companied, BPOs, software companies, Telcos etc. He also conducts public workshopson IT Governance, Risk Management, Business Continuity Operational Risk and Information Security related topics for last several years and has won the best IT Security Training Award in year 2008, offered by ISACA SriLanka Chapter.He is a visiting lecturer on Information Security Management at theUniversity Of Colombo School of Computing (UCSC) for several years and the founder lecturer of DISC Program of ICASL. He is also a public speaker at variounational & international forumand seminars and has published several presentations and research papers.


Pathirage wasa member of ICTA  (Information Technology Advisory Authority of Government of Si Lanka) eSecurity workingroup in SriLanka and has chaired the Computer Emergency ReadinesTeam (CERT) subcommittee. He is a FoundeMember and thePromoter of ISACA SriLanka Chapter in1996 and the founder and the present President of the (Information System Security Association (ISSA) chapter SriLanka (www.issa.org). He is also the Past Vice President and CISA coordinator for several years.


Currently he is the DIR/CEO and the principal consultant of ITGRC (Pvt) Ltd. He is also attached to the visiting lecture panels of  both Colombo and Sri Jayawardenapura Universities on information security related topics.  He is a voluntary researcher of strategic management of IT Governance, Operational Risk Management Information Security and Operational Risk,Information Risk Management anEnterprise Risk Management in general. He also has been conducting several certification programmes on CISA, CISM,CISSP and CRISC for the benefit of the new entrance to the profession.


Professional Memberships 

·            The Information Systems Audit & Control Association  (ISACA)- USA

·            The   Disaster Recovery Institution International- (DRII)– USA

·            The Information Systems & Security Association (ISSA)– USA

·            The International Information Systems Security Certification Consortium(CISSP) –ISC2 USA

·            Postgraduate Institute of Management of Sri Jayawardenapura (PIM)- Alumni Association

·            Institute of Bankers of Sri Lanka (IBSL)

·            Association of Professional Bankers of Sri Lanka(APBS)

·            Chartered Institute of Securities and Investment (CISI) London

·            Institute of Operational Risk Management (IOR) –UK

·            Member of Global Risk Community  http://globalriskcommunity.com/ 

Read More

To read his full profile:   https://www.linkedin.com/in/thilakjayasenapathirage


Dr. KasunDr. Kasun De Zoysa

Ph.D. in Computer Security , Licentiate of  Philosophy in Computer and System  Sciences B.Sc. Spl  in Computer Science (First Class Honors)

Senior  Advisor- Information Security

(  +94 773 832923       *  This email address is being protected from spambots. You need JavaScript enabled to view it.


Dr. Kasun has extensive experiences in Information Security  management, IT risk  management and Information Security consulting  for over 15 years.  since January 1999, he is a volunteer research scientist at Cyberspace Security Policy and Research Institute, School of Engineering and Applied Sciences - George Washington University, USA and a guest researcher in Department of Computer and System Sciences at Stockholm University, Sweden. He holds a PhD in Computer Security from Stockholm University, Sweden. After being graduated from the University of Colombo with a first class honors Bachelors Special Degree in Computer Science, he obtained Licentiate of Philosophy  in Computer and System Sciences from the Stockholm University, Sweden.

He has conducted several Information Security seminars and workshops and presented several research papers at several national and international forums.  Presently, he is attached to the University of Colombo - School of Computing as a senior lecturer in Information Security .

Read his full profile: http://www.ucsc.cmb.ac.lk/lecturers/kasun



Madams photoK. N. Rupasinghe

BSc in Management (Hons) Sri  Jayawardarapura University, Diploma in Computer Systems Design from National Institute of Business Management)

Director Training and Education

(  +94 772 300268     *  This email address is being protected from spambots. You need JavaScript enabled to view it.


Ms. Rupasinghe has extensive experience in Education and has worked in the capacity of the Director of Information Technology at the Institute of Chartered Accountants Sri Lanka (ICASL). Her role at ICASL entailed, planning, coordinating, designing and developing training programs for members and students of the ICASL and stakeholders on Information Security, Risk Management etc. In addition, she has training and consultancy experience at the National Institute of Business Management over a period of seven years.

She ahs participated in several international events and in Certified Training Programs on “Training the Trainers in Information Technology” in West Germany, Japan and Malaysia. 

Ms. Rupasinghe is a member of the Computer Society of Sri Lanka and Australian.



The Swirl logoTMis a trade mark of AXELOS Limited.
ITIL®is a registered trade mark of AXELOS Limited.
PRINCE2®is a Registered Trade Mark of AXELOS Limited.
COBIT®is a trademark of ISACA®registered in the United States and other countries.
CISM CRISC CGEIT CISA® are Registered Trade Marks of the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute
CISSP is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2)