Irfan has more than 15 years experience on IT audit, Information security and IT governance implementation.

Irfan has been involved in various security reviews, IT audit & consulting projects in Telco, Banking and Financial industry such as security penetration test for IT system and network element, implementation Business Continuity Mangement System using ISO 23301, developing IT strategic plan, implementation and assessment of ISO 27001 ISMS, development of information security policies & procedures, implementation and assessment US SOX 404, implementation and assessment Japan SOX, IT and business
processes review & improvement, assessment on IT risks, implementation and assessment of IT governance using COBIT, implementation of IT service management using ITILv3 framework, and also various assurance projects.

Irfan is also a professional trainer for CISA Exam Preparation, CISSP Exam Preparation, CISM Exam Preparation, ISO 27001 ISMS, Business Continuity Management, IT Service Management (ITILv3) , IT Risk Management, IT Strategic Plan (IT Blueprint), IT Enterprise Architecture using TOGAF, IT Business Analysis, COBIT 5 & COBIT 4.1, and IT Security & Auditing at several training
institutions in Jakarta & Bandung (Active Train, LAPI ITB, Telkompdc, ECDC Indonesia and Net Train).

Irfan participates actively in IT organization or community. He acted as technical advisor and subject matter expert for IT service management, IT audit and security assessment (vulnerability assessment & penetration test) at several international and local reputable consulting firms.