Cybersecurity and Risk Management

Information Technology Vendor Management deals with the intelligent sourcing of IT goods (procurement) and services (contracting/consulting). Vendor management requires familiarity with business needs and transforming those needs to goods and services from qualified and accredited suppliers. In investing in vendor management, organisations would look for the best way to get value out of the investment.

Companies typically spend between 2–5% of revenue on IT & 25–30% of this on software.​ SLMaaS (Software License Management as a Service) often provides savings of 10–30% by repurposing licenses to optimize software spends and maintaining compliance to reduce or eliminate risk ​of audit. Software audits typically cost 0.004% of revenue.


Michael Leung


Cybersecurity and Risk Management

Based in Vancouver, BC, Canada

Phone: 1-877-687-2826 

I have over 20 years of overall professional working experience, with more than 15 years of senior level information security management responsibilities, including executive and board level program and risk reporting. As an Independent Management Consultant, I have been helping businesses and organizations identify, prepare for and mitigate cyber risks by providing counsel and expertise in risk management, strategy, and tactics.

My specialty is the development and maintenance of cyber and information security programs based upon the assessment of an organization’s risk profile and appetite. In addition, I have a diverse background and in-depth knowledge, skills, and abilities in enterprise level strategy and management of information security; operational risk; enterprise architecture; IT services; project and systems/software development life cycle; e-commerce; cloud computing; disruptive tech; digital banking and core business systems.

I am an active volunteer and a leader within the local, national and international cyber/information security, IT governance and risk community as well as served the ISACA Vancouver Chapter for eight years as President in executive and non-executive board positions, and in various committees with ISACA International.

Assists organizations with planning, growing, building on its strengths and anticipating opportunities and risks.

Implements practical solutions for current cyber security challenges.

Providesguidance and support to executive leadership and board members on cybersecurity risks and crisis/incident management.

Performs and oversees security risk management and compliance activities at the organizational and project level.

Develops strategies and cyber security programs in alignment with a company’s goals, objectives, and leading industry information security standards/best practices.

Professional Highlights
  • Promotes the practices and the development of professionals in IT risk, governance of enterprise IT, information security management, and IT assurance within national and international communities.
  • Developed and led the information security function for a large Canadian Credit Union for over a decade.
  • Provided consulting services for MEC®, Great Canadian Gaming Corporation, BC Ferries, and sits on BC’s Provincial Security Advisory Council (PSAC).

Avantage's SLMaaS is specifically designed to help organizations control, manage and maintain software licensing compliance without adding resources or expensive toolsets.​ We have extensive experience helping businesses maximize their IT investments in the following key areas of Software License Management.

Contact Michael today and get your vendor management in order.