Board of Directors 


To contact an ISACA board member, please email

Chair Robert Clyde Chair Rob Clyde, CISM, NACD Board Leadership Fellow, is executive chair of the board of directors for White Cloud Security (trusted app list enforcement), and independent board director for Titus (leader in data protection, categorization and classification) (USA). He is the managing director of Clyde Consulting LLC, which provides board and executive advisory services to cyber security software companies. He serves as an executive advisor to HyTrust (multi cloud workload security) and BullGuard Software (consumer and smart home cyber security). Prior to becoming chair of ISACA’s board of directors, he served as vice-chair, chaired the board-level ISACA Finance Committee and served as a member of ISACA’s Strategic Advisory Council, Conference and Education Board and the IT Governance Institute Advisory Panel. Previously, he was CEO of Adaptive Computing, which provides workload management software for some of the world’s largest cloud, high-performance computing, and big data environments. Prior to founding Clyde Consulting, he was chief technology officer at Symantec and a co-founder of Axent Technologies. Clyde is a frequent speaker at ISACA, cybersecurity conferences and for the National Association of Corporate Directors (NACD). He also serves on the industry advisory council for the Management Information Systems Department of Utah State University (USA).

Director Brennan Baybeck Vice Chair Brennan P. Baybeck, CISA, CISM, CRISC, CISSP, is vice president of Global IT Risk Management for Oracle Corporation (USA). Baybeck leads IT security risk management for Global Customer Support Services at Oracle Corporation. In this role, he also is responsible for leading security, privacy and availability for Global IT’s key enterprise IT services, including GIT’s cloud initiatives. He has more than 20 years of experience in IT security, risk, audit and consulting and has worked in various industries designing, implementing and operating enterprise-wide programs to address global security risks. He has held leadership positions at Sun Microsystems, StorageTek and Qwest Communications, and served as an information security risk consulting manager for several years. Baybeck also has been actively involved with ISACA for more than eight years, serving as chair for various working groups and as a board director.

Director Tracey Dedrick Director Tracey Dedrick is a C-Suite executive experienced in risk, compliance, treasury and investor relations. Dedrick was EVP and Head of ERM for Santander Holdings US, where she was responsible for enterprise risk, operational risk and market risk for the Americas. Prior to this role, she was EVP, Chief Risk Officer and a member of the executive team for Hudson City Bancorp, where she built regulatory compliant risk, compliance and information security functions. Prior to that, Dedrick spent nine years at MetLife, where she successively built the capital markets function for the newly demutualized company as assistant treasurer, reinvented the investor relations function, helping to double the share prices as head of investor relations, and installed a market-consistent economic capital model as head of market risk, leading to the eventual disposition of the annuity business. Additionally, Dedrick serves on the boards of the Royal Shakespeare Company of America and the Royal Oak Foundation. She previously served on the conference committee of the New Jersey Women’s Banking Association and on the board of Children’s Aid and Family Services.

Director Leonard Ong Director Leonard Ong, CISA, CRISC, CISM, CGEIT, CFE, CIPM, CIPT, CISSP, CITBCM, CPP, CSSLP, CCSP, GCFA, GCIA, GCIH, GSNA, ISSMP-ISSAP, PMP, is associate director at MSD International (Singapore). Ong has more than 17 years of experience in cyber and corporate security gained in telecommunication, enterprise, banking, and pharmaceutical industries. His roles within the security profession have included information security, corporate security, project management, consulting and business development. He leads the governance, risk management, and compliance platform for Asia Pacific and Japan within IT Risk Management and Security in Merck & Co., Inc. (also known as MSD International). Prior to that, he was with Barclays Capital as Head of Information Security Risk & Operation, Asia-Pacific. During his tenure with Nokia Siemens Networks, he established security professional security services enabling telecommunication carriers to secure their networks. He spent four years in Nokia Corporate Security and was responsible for securing Nokia businesses in seven countries across the region. Ong served the ISACA Singapore Chapter as president for two terms and is currently past president. He also served the ASIS International Chapter as honorary chairman for three years. He is actively involved in various voluntary roles in different non-profit associations. Ong has received recognition from leading information security associations, such as ISACA, (ISC)2 and ASIS International. The National Infocomm Competency Centre (NICC) named Ong as IT Specialist of the Year in 2005. He was awarded (ISC)2 Information Security Leadership Achievement (ISLA)—Senior Information Security Professional category in 2011, and ASIS International Professional Certification Board (PCB) Regional Award in 2014. He was instrumental in achieving the K. Wayne Snipes Award in recognition of the ISACA Singapore Chapter. IDG and CEO|CIO Club presented Ong with ASEAN CSO Honoree award in 2015. In 2017, Ong was recognized with the Paul Williams award for his inspirational leadership in achieving strategic results and/or driving ISACA’s strategy forward.

Director R.V. Raghu  Director R.V. Raghu, CISA, CRISC, is director of Versatilist Consulting India Pvt. Ltd. Raghu cofounded Versatilist, which provides consulting, training and auditing services in information security, IT service management, business continuity and enterprise risk management. Raghu has more than a decade of extensive, hands-on, global experience across various verticals, such as engineering, manufacturing, IT, ITeS, BFSI, chemicals, mining and telecom. He has provided training, consulting and implementation support for establishing management systems compliant to ISO international standards and other frameworks, such as CMMI and COBIT. He is a gold level member of ISACA and is immediate past president of the ISACA Bangalore Chapter, where he has served as director of membership, secretary, vice president previously.

Director Martha Gabriela Reynaga  Director Martha Gabriela Reynaga, CRISC, CISA, GRCP, is the founder and CEO of Holistics GRC Consultancy, which provides IT-related services (Mexico). Previously, she worked as IT audit and governance director at Qualtop, as consultancy partner at GPI Global Practice International, GRC manager at ISM, and BRS manager Salles, Sainz - Grant Thornton, S.C. Before serving in these roles, she spent nearly 10 years at Deloitte in a variety of audit and risk services roles. In addition, she is a COBIT 5 Accredited Trainer and a public accountant. Reynaga has been actively involved with ISACA over the past seven years, currently as president of the ISACA Guadalajara Chapter (Mexico), where she previously served as secretary. She is also part of ISACA’s LatinCACS Governance Committee and Finance Committee, as well as president of the IT Commission for the Mexican Institute of Public Accountants. In addition, she is an international speaker with ISACA, ASIS, OAS and other organizations, and contributes articles on cybersecurity, IT and corporate governance for publications such as Best Corporate Practices (Mejores Practicas).

Director Gregory J. Touhill  Director Gregory J. Touhill, CISM, CISSP, Brigadier General (ret), is president of Cyxtera Federal Group, Cyxtera Technologies, a secure infrastructure company which offers data center services and cybersecurity capabilities to federal agencies and departments (USA). In addition, he serves as adjunct professor of Cybersecurity at Carnegie Mellon University’s Heinz College. He serves on the boards of Bay Dynamic, Inc. and Cybersponse, Inc. as well as the Symantec Federal Advisory Board and Cyber Security Forum Initiative Advisory Boards. Prior to joining Cyxtera Technologies, he was selected by President Obama as the US government’s first Chief Information Security Officer. His other civilian government service includes duties as the Deputy Assistant Secretary, Cybersecurity and Communications at the United States Department of Homeland Security; and as Director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. He is a retired Air Force general officer, a highly-decorated combat leader, an accomplished author and public speaker, and a former American diplomat. He has received numerous awards and recognition, including most recently, the 2017 F. Lynn McNulty Tribute Award in recognition of his contributions to securing the nation from cyber threats and the 2016 Federal 100 Award for accomplishments as Deputy Assistant Secretary to improve public- and private-sector partnership to better manage risk.

Director Ted Wolff  Director Theodore H. Wolff, CISA, is Senior Risk and Control Manager in Vanguard’s Global IT & Security Risk and Control group (USA). Prior to joining his current role, Wolff was head of Strategic Partner Relationship Management in Vanguard’s Global Sourcing Office (GSO) and previously led Vanguard’s corporate IT Audit group. Prior to Vanguard, Wolff was a vice president and IT audit director for Wachovia Corporation, with responsibility for the Wealth and Capital Markets businesses. He also served in several audit leadership positions with the FleetBoston Financial Group for business units, including Information technology and Mortgage Banking. Wolff earned a bachelor’s of science degree from Carnegie Mellon University in Applied Mathematics and is a Certified Information Systems Auditor. He is active in local and international leadership activities for ISACA and has previously participated in advisory councils at Appalachian State and Temple Universities.

Director Tichaona Zororo Director Tichaona Zororo, CISA, CISM, CGEIT, CRISC, COBIT 5 Certified Assessor, CIA, CRMA, is an IT Advisory Executive with EGIT | Enterprise Governance of IT (Pty) Ltd., an IT Advisory firm (South Africa). He has several years of in-depth experience in mainstream IT, IT auditing, cybersecurity, IT governance and IT risk across private and public sectors in Africa, Europe, the USA and Asia. Zororo is an advisor to a number of boards of directors, IT and business leaders across the globe on governance of enterprise IT, cybersecurity, IT auditing, IT risk, innovation and digital transformation. He was involved in the development of numerous ISACA white papers and COBIT 5 publications. A renowned COBIT expert, advisor and accredited trainer, Zororo is credited for being the first COBIT 5 Certified Assessor in Southern Africa. He has served on the ISACA Framework Committee, CGEIT Test Enhancement Subcommittee and the External Advocacy Committee. He is a recipient of the ISACA 2017 Harold Weiss Award for Outstanding Achievement, which recognizes an individual for sustained contributions to the advancement of the governance of enterprise IT. Zororo was voted a top speaker at 2017 Asia Pacific CACS and 2017 Africa CACS conferences. He is the Immediate Past President of the ISACA South Africa chapter.

Vice-Chair Theresa Grafenstine
Past Chair Theresa Grafenstine, CISA, CGEIT, CRISC, CGAP, CGMA, CIA, CISSP, CPA, is a managing director at Deloitte & Touche LLP (USA). Before joining Deloitte, Grafenstine served as inspector general of the US House of Representatives, where she was responsible for planning and leading independent, non-partisan audits, advisories, and investigations of the financial and administrative functions of the House. Prior to joining the House Office of Inspector General (OIG), Grafenstine served at the Department of Defense (DoD) OIG, where she led acquisition audits of major weapon systems and was selected to respond to high-profile Congressional audit requests. She is a past chair of ISACA’s Audit Committee, Finance Committee, Communities Committee, and Relations Board and a past president of the ISACA National Capital Area Chapter. Grafenstine also serves on the board of directors of the American Institute of Certified Public Accountants (AICPA) and as the audit committee chair of the Pentagon Federal Credit Union. She has received numerous awards and accolades, including the Golden Gov Federal Executive of the Year and, the 2015 John W. Lainhart IV Common Body of Knowledge Award and the 2014 John Kuyers Best Speaker/Conference Contributor Award from ISACA.

Chair Christos K. Dimitriadis, Past Chair Chris K. Dimitriadis, Ph.D., CISA, CISM, CRISC, is group director of Information Security for INTRALOT (Greece). He has built INTRALOT’s Global Information Security operations and is now responsible for the alignment of the Group’s security strategy with the business needs and the oversight of its execution. In addition to leading information security, information compliance and intellectual property protection at INTRALOT Group, Dimitriadis has designed INTRALOT’s innovation program in 2013 and is heading the office of the CTO, managing business transformation projects since 2015. He has been working in the area of information security for 16 years, he holds two patents in fraud prevention and game design and has authored more than 150 publications. He has received innovation awards from the European Lotteries Association, and the John W. Lainhart IV award for major contributions to ISACA’s common body of knowledge. He has also received the ISACA Presidents Award for Illustrious Service in 2014. He has served ISACA as a Director for four terms, chaired the Knowledge Board, the External Relations Committee, the COBIT for Security Task Force, and has been a member of the Relations Board, Academic Relations Committee, Journal Editorial Committee and Business Model for Information Security Workgroup. Dimitriadis has also served as a member of the Permanent Stakeholders Group (PSG) of the European Network and Information Security Agency (ENISA) for 2012-2015. He holds a degree in Electrical and Computer Engineering and a Ph.D. in Information Security.