Garry Costin-Davis.

CV

A highly organised, values driven IT audit, assurance, and project professional with over a decade of experience supporting complex organisations through structured risk management, operational coordination, and high accuracy documentation. Following a period of retraining and family focus, I am looking for a new permanent position, seeking a role where my skills support meaningful social impact and the wellbeing of vulnerable communities.

Garry Costin-Davis ~ MSc, BSc, CISA, CFAB, MCMI ~ garry@costindavis.com

Core strengths

Risk & Assurance

IT audit & controls assurance (SOX, ITGCs/ITACs, GDPR, security), risk management, programme assurance, governance and compliance coordination.

SOX ITGC / ITAC COBIT NIST ISO27001

Delivery & Stakeholders

Multi workstream organisation, documentation quality, stakeholder engagement, reporting, team leadership and coaching.

Portfolio / Programme Leadership Communication

My background spans governance, assurance, compliance coordination, data accuracy, process improvement, stakeholder communication, and multi-workstream organisation.

Professional experience

IT Platforms SOX Manager ~ Vodafone

Jan 2020 ~ Mar 2024

Accountable for IT SOX compliance and control coordination across Global IT Operations IT General Controls (ITGC) and processes, ensuring services met compliance obligations.

Communicated risk exposure, mitigation planning, and audit results to senior global stakeholders; served as Stream Lead for ITGC and Security on the Google Cloud Platform (GCP) migration programme, embedding controls for access, change management, and data security.

IT Audit and Risk SME to Corporate IT DevSecOps and contributed to end-to-end IT assurance strategy; oversaw multiple simultaneous implementation workstreams, ensuring controls were designed and operationally effective.

Internal Audit Manager ~ IT Audit & Data Analytics (Reckitt Benckiser)

Mar 2019 ~ Dec 2019

Planned, delivered, and managed IT audits involving financial, technical, and data analytics components; led technical streams to embed data analytics across the global internal audit function.

Identified operational, technological, and strategic risks; evaluated control effectiveness aligned to NIST, COBIT, and ISO27001; communicated findings through multiple channels and events in global locations.

Senior Consultant ~ Technology Risk (Ernst & Young)

Aug 2016 ~ Feb 2019

Managed multiple projects and programmes for IT audit delivery teams: planning, budgeting, scoping, stakeholder management, IT assurance delivery, programme risk management, and security projects.

Created and tested tools for the Innovation team, provided data analytics support, designed and delivered training programmes, and coached junior team members through training events and mentoring programmes.

Global Client Data Solutions Supervisor ~ BCD Travel

Jun 2015 ~ Sep 2015

Led global team collaboration on IT data projects and business intelligence reporting; supported technical/data issues, maintenance, and configurations; drove policy and procedure compliance and departmental process improvement.

System & Data Coordinator ~ Kenwood Travel

Dec 2011 ~ Jan 2015

Developed IT processes and IT service management practices; delivered training and team management; led system and data update programmes; implemented governance and lifecycle processes for reservations and controlled system usage.

Earlier career includes sales, hospitality management, customer service, and operational leadership roles. (Details on request, or in a condensed "Earlier career" section below.)

Earlier career (condensed)

Travel sales & account management

2007–2011

Tailor-made travel consulting and account management, supplier negotiation, and client relations across multiple roles.

Operations & hospitality management

2001–2007

Unit and multi site management with staffing, training, P&L responsibility, and delivery during operational change.

Education & certifications

Education

MSc — Software Engineering (Oxford Brookes University, 2016)

BSc — Mathematics and Statistics (London Metropolitan University, 2015)

Certifications & professional training

CISA (ISACA, 2018) · CFAB (ICAEW, 2017) · PRINCE2 (2015)

Level 2 Certificate in Understanding Autism (NCFE CACHE, 2025)

TQUK Level 3 Award in Supporting Teaching and Learning in Schools (2025)

Community & volunteering

I support community organisations through volunteering, including schools and local support services.

Examples include: The Quinta Primary School, Cheshire East Libraries, Congleton Community Support, Marlfields Primary Academy, MENCAP, Reading Voluntary Association, Micklands Primary School, and RSPCA.

Skills & competencies

Organisational risk

IT audit & controls assurance (SOX, ITGCs/ITACs, GDPR, security), access & identity management, change management, programme assurance, project management, ITSM, SOC reporting, cyber review, ISO27001, COBIT, NIST.

Professional competencies

Stakeholder engagement, risk, audit and delivery teams, risk based decision making, operational resilience, governance and assurance, cross functional communication, and pragmatic leadership in complex, regulated environments.

Interests

Travel · Reading · Volunteering · D&D · 3D Printing · Game Design