GEORGE HAMPOURIS

Senior executive with over fifteen years experience leading enterprise risk, resilience, governance and assurance in complex, high visibility public sector environments. Recognised for transforming risk from a compliance focused function into a strategic executive capability that strengthens decision making, protects reputation, enables innovation and improves organisational preparedness. Trusted advisor to Executive Leadership Teams, Boards and Audit and Risk Committees, with deep experience in crisis preparedness, cyber and emerging risk governance, business continuity and large scale organisational transformation. Known for building confident, risk aware leadership cultures that improve effectiveness, resilience and community trust.

• Fellow, CPA Australia.
• Member, Institute of Internal Auditors.

• Lifted enterprise risk maturity to a score of thirty three out of thirty six under the NSW Continuous Risk Improvement Program, through development and integration of a strategic risk plan, resulting in improved regulatory assurance, executive confidence and a clear pathway to full maturity by 2026.
• Designed, implemented and embedded enterprise GRC platforms including CAMMS and RelianSys, digitising risk, compliance and audit workflows and delivering real time dashboards for executives and governing bodies, resulting in improved oversight, reduced manual effort and efficiency for risk team and the end user.
• Overhauled business continuity, emergency and incident management frameworks and validated organisational readiness through cyber and multi day disruption scenario exercises and executive workshops, resulting in materially improved preparedness, response confidence and service continuity.
• Introduced risk based probity and procurement controls that improved cycle times for low risk procurement while strengthening assurance for high risk activity, resulting in improved efficiency, reduced bottlenecks and better risk coverage across procurement activity. Leading to a risk based approach to procurement scrutiny.
• Achieved an Institute of Internal Auditors Quality Assessment rating of Optimising, uplifting the Internal Audit function from partial conformance and strengthening Board reliance on assurance and insight.
• Led the development and implementation of a Generative AI Risk Assessment Framework aligned to the NSW Government AI Assurance Framework, enabling the safe adoption of AI while protecting community trust, legal compliance and organisational reputation.
• Designed and implemented a Generative AI Risk Assessment Tool governing all AI use cases, including operational and non operational AI, automated decision making risk, bias, fairness and explainability, privacy, cyber security, sensitive data controls, accountability, auditability and rollback processes, resulting in clear executive oversight and responsible innovation.
• Embedded privacy by design and security by design principles into AI enabled initiatives, ensuring alignment with privacy legislation, cyber security policy and public accountability obligations, and strengthening public trust in emerging technology use.
• Established human in the loop controls and escalation thresholds for AI informed decisions, ensuring executive oversight, preventing over reliance on automated outputs and maintaining accountability for decisions.
• Established executive governance for AI and automated decision making, including risk classification, approval thresholds, legal and privacy consultation triggers and rollback mechanisms for high risk use cases, resulting in controlled innovation and reduced exposure to unintended harm.
• Streamlined governance and policy settings, removing outdated instruments and introducing a clearer policy framework, improving accountability, compliance and organisational effectiveness.

• Designed and facilitated Executive Leadership Team enterprise risk management workshops to reset the organisation risk framework from fragmented operational risks to clear executive level strategic risk themes, improving clarity, alignment and leadership ownership.
• Reframed strategic risk around financial sustainability, digital capability, social cohesion, intergovernmental relations, environmental and climate resilience, removing duplication and over granularity, and enabling more meaningful executive discussion and prioritisation.
• Led a comprehensive redesign of the Risk Appetite Statement, strengthening clarity of appetite thresholds, escalation triggers and alignment to financial exposure and community outcomes, resulting in more consistent and confident escalation decisions.
• Introduced Key Risk Indicators directly linked to risk appetite and escalation, providing early warning signals and regular Executive Leadership Team visibility of emerging risks and trends.
• Shifted reputation from a standalone risk to a consequence lens, sharpening executive focus on root cause drivers, preventative controls and underlying exposures rather than symptoms.

• Enterprise Risk Leadership Design, embed and continuously improve enterprise risk management frameworks aligned to ISO 31000 and organisational risk appetite, integrating risk into strategy, planning, investment and executive decision making, resulting in clearer prioritisation, stronger escalation and more confident leadership decisions.
• Resilience and Preparedness Design and implementation of enterprise resilience frameworks, business continuity planning including BIA, RTO and RPO, emergency and incident management, and scenario exercising including cyber and systemic shock events, resulting in improved preparedness, response confidence and service continuity during disruption.
• Executive and Board Advisory Clear, confident advisory capability to Executive Leadership Teams, Boards and Committees, delivering insight led reporting, disciplined escalation and forward looking risk narratives that support timely decisions, accountability and effective governance oversight.
• Culture and Capability Building Design and delivery of risk literacy programs, leadership workshops, practical tools and playbooks that embed accountability, shift risk from compliance to enablement, and increase organisational awareness, ownership and confidence.
• Data, Technology and Continuous Improvement Implementation of GRC systems, automation and analytics to improve visibility, timeliness and assurance coverage, supported by measurable indicators, lessons learned loops and continuous improvement, resulting in more efficient and effective risk and assurance functions.

• Independent Audit and Risk Committee Member, South Burnett Regional Council, 2020 to 2024.
• Members Assembly Representative, CivicRisk Mutual, representing twenty six councils in governance oversight of pooled insurance arrangements.
• Resilient Sydney Council Representative and Ambassador, collaborating with thirty three Greater Sydney councils, state agencies and community partners.

• Head of Audit / Chief Audit Executive, Fairfield City Council.
• Audit, Transport for NSW.
• Senior Auditor, Corrective Services NSW.
• Grants Auditor, Austrade.
• Audit and Advisory, WHK Horwath.
• Financial Audit and Assurance, PwC.