Melbourne Lim Yung Han

Additional Info

Job title of nominated professional (or team name): Associate Consultant
Company (where nominated professional or team is working): KPMG
Website: http://www.kpmg.com/my
Company size (employees): 5,000 to 9,999

In 3 bullets, summarize why this professional or team deserves recognition:

(1) Melbourne Lim has always been at the forefront of the cybersecurity industry. Previously, he spearheaded and supported multiple Southeast Asian greenfield digital banks in a competition to secure one of the five digital bank licenses issued by the Central Bank of Malaysia. He developed the business plans, procurement policies and information security frameworks (including policy and risk, asset and incident management models) in accordance with BNM RMiT and other international frameworks (e.g., ISO 27001, 27002, 31000 and NIST SP 800-53). Consequently, the two greenfield digital banks that he supported were shortlisted.

(2) His expertise extends beyond local/national cyber security strategies. He has extensive global experience from collaborating with and supporting other international KPMG members (e.g., Thailand, Singapore and Australia), especially in the area of Information Security Audit and regulatory compliance. One of his recent collaborations was with KPMG Thailand, where he audited the ISMS of a global humanitarian aid organization against NIST SP 800-53.

(3) He has a unique combination of legal, cybersecurity and business backgrounds, which enables him to bring a fresh outlook to the table. He excels in identifying innovative solutions and providing a holistic view. Moreover, he is adept at understanding the business processes of an organization and the needs of stakeholders. This allows him to provide the best recommendations that are aligned with the organization’s requirements, industry best practices and regulatory requirements.

Brief Overview

Melbourne Lim is an Information Security and Data Privacy Consultant at KPMG. He specializes in cyber governance, risk and compliance (GRC), information security and risk management, regulatory compliance and related fields of work. He has extensive experience in managing and supporting Information Security Management Systems (ISMS) strategic engagements, including developing security policies, procedures, and standards. His clients are generally publicly listed companies from diverse industry segments (e.g., telecommunications, agriculture, banking, oil and gas), and across geographies like Thailand, Singapore and Australia.

He is a CQI and IRCA Certified ISO/IEC 27001 ISMS Lead Auditor, and an SME on regulatory compliance and attestation initiatives for cybersecurity topics to ensure alignment with audit, legal and regulatory requirements. He has extensive experience in both local and global information security frameworks, including but not limited to NIST CSF, NIST 800-53, ISO 27001/02, PCI DSS, SOC 2, COBIT, GDPR, FedRAMP, BNM RMiT and MAS TRM.

He was a featured speaker at countless security conferences with audiences from ASEAN (e.g., Malaysia, Thailand, Indonesia and the Philippines). He was also selected as the speaker for one of KPMG’s global initiatives, which has reached over 100 countries and 30,000 audience members.

Furthermore, he has often served as a security evangelist and contributor, especially in the area of data privacy. He is currently the IAPP KnowledgeNet Chapter Chair for Malaysia. Further, he was invited as one of the few contributors globally to the development and improvement of the privacy tools for ISACA.