David Whelan
Dublin
Summary
Dynamic IT Audit Director with a proven track record at Aptiv Plc, driving cybersecurity strategy and governance. Spearheaded a risk-based audit plan, enhancing cyber resilience and compliance. Expert in incident response and team leadership, delivering measurable improvements in security architecture and operational efficiency.
Overview
16
16
years of professional experience
3
3
Certifications
Work History
Global IT Audit Director
Aptiv Plc
08.2021 - Current
- Lead the global IT audit strategy for a $20B automotive technology leader.
- Developed a risk-based audit universe and 3-year plan integrating COBIT and CIS Top 18 frameworks.
- Directed audits covering SaaS cloud governance, ISO 21434 compliance, RPA operations, and security architecture.
- Built a high-performing audit team delivering measurable improvements in cyber resilience.
Group Chief Information Security Officer
Ardagh Group
11.2014 - 07.2021
- Designed and implemented the global Information Security & Cyber Strategy for a €6.5B manufacturing group.
- Introduced Advanced Threat Detection, Cyber Analytics, and global DR/BCP frameworks.
- Managed IT SOX compliance across 17 systems, achieving Year 1 certification in 2019.
Group Risk Manager / Group Information Security Manager
Irish Water & Gas Networks Ireland
03.2010 - 10.2014
- Reported to the Board Risk Committee, overseeing enterprise risk, information security, business continuity, and crisis management.
- Developed frameworks aligning with ISO and COBIT standards, embedding governance across the organization.
Director of IT Audit, Consulting and Compliance Services
Forvis Mazars
- Designed and led the firm’s IT Audit, Security and Consultancy services, working to provide a quality service to private and public sector organizations.
- This service more than doubled its turnover in the 3 years I was in the role.
Education
MSc - Management of Information Technology (Hons)
Dublin City University
Dublin, IrelandAssociate Chartered Management Accountant (ACMA) -
CIMA
BSc - Management
Trinity College Dublin
Dublin, IrelandSkills
- Cybersecurity strategy and governance
- Information risk management
- IT audit and compliance
- Cloud and application security
- Incident response and threat management
- Business continuity and disaster recovery
- Leadership and team development
Accomplishments
- Built Aptiv’s global IT audit function, introducing a risk-based model aligned with COBIT and CIS Top 18, expanding scope beyond SOX compliance to strategic cyber audits.
- Led the design and implementation of Ardagh Group’s global Cybersecurity Strategy, deploying advanced threat detection and achieving SOX 404 certification across 17 systems.
- Directed the cybersecurity integration of 20+ manufacturing sites post-acquisition, improving overall security maturity and operational resilience.
- Established enterprise risk and information security frameworks at Ervia, aligning with ISO and NIST standards and strengthening group-wide governance.
Earlier Career
- Group Information Security & Risk Manager – Zurich Ireland
- Head of Computer Audit – Dublin Airport Authority
- Head of Computer Audit / Financial Accountant / Software Engineer – Aer Lingus
Certification
CRISC
Timeline
Global IT Audit Director
Aptiv Plc
08.2021 - Current
Group Chief Information Security Officer
Ardagh Group
11.2014 - 07.2021
Group Risk Manager / Group Information Security Manager
Irish Water & Gas Networks Ireland
03.2010 - 10.2014
Director of IT Audit, Consulting and Compliance Services
Forvis Mazars
MSc - Management of Information Technology (Hons)
Dublin City University
Associate Chartered Management Accountant (ACMA) -
CIMA
BSc - Management
Trinity College Dublin