Home / About

About Jason Wilk

I help boards, councils and leadership teams make better decisions about governance, risk and cyber by cutting through complexity and focusing on what matters.

Over the past two decades I have worked at the intersection of governance, technology and risk. I have led IT security and cyber functions in major financial institutions, co-founded and run a governance and risk advisory firm for 15 years, and facilitated board education programmes for thousands of directors across Australia.

The common thread is pragmatism. Governance frameworks, risk models and cyber strategies only work when they are built for the people who use them. My advice reflects that. It is grounded in real experience of running businesses, sitting in boardrooms, and working through the messy reality of organisational decision-making.

Experience

Three careers, one focus: helping organisations govern well.

Technology and cyber security

My career started in technology, building a deep understanding of how information and data support an organisation. A conviction that has stayed with me: data is the lifeblood of every organisation, and technology is the vessel that carries it. Getting governance right means understanding both.

From there I moved into IT security and cyber leadership roles within financial institutions, where I learned to bring pragmatic control structures to highly complex, regulated environments. That experience taught me something that still shapes my work: the best security and risk outcomes come from governance that works with people, not against them.

Governance and risk advisory

Co-founding and leading a boutique governance, strategy and risk advisory firm for 15 years broadened my perspective from IT governance into corporate governance. Working with boards, councils, executives and management teams across government, local government, financial services, utilities, peak bodies, not-for-profits and private enterprise gave me a breadth of experience that underpins everything I do today.

The consistent lesson: governance is about people first, processes second. The organisations that govern best are the ones where frameworks serve people, not the other way around.

AICD education and thought leadership

The Australian Institute of Company Directors works with the best facilitators in the country. I have been an AICD Senior Facilitator since 2010, facilitating, authoring and reviewing governance, strategy, risk and cyber courses across their flagship programmes.

As the author of all AICD cyber courses, I have helped shape how Australian directors understand and govern cyber risk. I also review the Strategy and Risk modules of the Company Directors Course, the AICD's premier director development programme.

Objective Centric Risk Management

Today, much of my work focuses on transitioning organisations to an Objective Centric approach to risk management. This reframes risk conversations from "what could go wrong?" to "what must we get right?", aligning risk culture with how people naturally think and make decisions.

Boards, councils and leadership teams across corporate, government and community organisations are making this shift. The results speak for themselves: risk discussions that drive strategy, governance that people engage with, and a risk culture that plays to human strengths rather than against them.

Credentials

Fellow of the Australian Institute of Company Directors (FAICD)
Certified in the Governance of Enterprise IT (CGEIT), ISACA
AICD Senior Facilitator since 2010
Author, all AICD Cyber Security for Directors courses
Reviewer, AICD Company Directors Course (Strategy and Risk)
Reviewer, AICD and CSCRC Cyber Security Governance Principles
Facilitator, AICD Foundations of Directorship programme
Facilitator, AICD Governance Foundations for Not-for-Profit Directors
15+ years co-founding and leading a governance and risk advisory firm
Cyber governance and IT security leadership in financial services
Advisory experience across government, local government, peak bodies, NFP, financial services, utilities and private enterprise
CGEIT Certification Verify CGEIT credential AICD Faculty profile →

My approach

Pragmatic advice built for real boardrooms.

Having owned and run multiple businesses, my guidance is never theoretical. I think about governance and risk the same way I do as a business owner and director: what is the right balance between performance and conformance?

I work across all levels of government, corporate and community sectors. State government departments, local governments and councils, ASX-listed companies, peak bodies, utilities, financial institutions and community not-for-profits all face governance challenges that differ in scale but share the same fundamentals. Boards and councils need clarity on their role, confidence in their oversight, and practical tools to make better decisions.

State and local government is a particular focus. Elected officials, council members and agency leaders face unique governance pressures: public accountability, complex stakeholder landscapes, and the challenge of balancing community expectations with operational reality. I bring a practical understanding of these environments from years of working within them.

The first board workshop that got me excited about risk management and how we should be using it.
— Non-Executive Director, Peak Body

Whether the engagement is a board strategy day, a governance framework review, director education, or helping a board or council get across cyber risk, my goal is always the same: leave the organisation better equipped to govern with confidence.

Let's talk about your board.

Every engagement starts with a conversation. Reach out and let's discuss how I can help.

Get in touch