Ashraf Al khayyat MBA CISA CGEIT, Internal Audit Senior Manager

Ashraf Al khayyat MBA CISA CGEIT

Internal Audit Senior Manager

Department of Education and Knowledge

Location
United Arab Emirates - Abu Dhabi
Education
Master's degree, Masters of Business Administration
Experience
18 years, 7 months

Share My Profile

Block User


Work Experience

Total years of experience :18 years, 7 months

Internal Audit Senior Manager at Department of Education and Knowledge
  • United Arab Emirates - Abu Dhabi
  • My current job since April 2019

Senior Manager Internal Audit Division. IT & Operations.

Head - Systems Assurance at Dubai Airports
  • United Arab Emirates - Dubai
  • March 2016 to November 2020

Responsible for Technology and Systems Assurance, Audit and Risk management

Regional Audit Manager at Hsbc
  • United Arab Emirates - Dubai
  • April 2018 to April 2019

Regional Audit Manager - Operations, Services & Technology.

IT Audit Manager at Dubai Aviation City Corporation
  • United Arab Emirates - Dubai
  • August 2012 to January 2016

Managing the internal IT audit function in the group where we are responsible for providing the internal IT audit and assurance for the following:
o Dubai Airports
o Dubai Duty Free
o Dubai World Central
o Dubai Aviation Engineering Projects
o Dubai Air Navigation services, and others

• Established the IT Audit function in the group and developed the culture and the environment suitable for Information systems and technology Audit
• Re-engineered the audit process in the group internal audit to cater for technology challenges within the business environment where the appreciation of Information technology risks, strengths and opportunities is embedded not only in the IT audit but within the internal audit function as whole.
• Recommended and successfully implemented the usage of CAATs (ACL) for data analytics in the group
• Recommended and successfully implemented the usage of Audit Management system (TeamMate) in the group to utilize technology to maintain security, quality, centralization and to enhance communication with audit clients.
• Trained, mentored and advised internal auditors on the information security risks, governance and controls

Senior IT Auditor at Arab Bank PLC
  • Jordan - Amman
  • August 2010 to August 2012

Member of the Group Internal Audit division/Information technology Audit, I'm a senior IT Auditor. My responsibilities include :
•Conduct IT audit assignments as per the annual audit plan and according to the group's internal audit charter
•Participate in special IT audit assignments according to urgency/importance such as strategic projects.
•Check and examine compliance with regulatory and industry requirements such as Central bank/governmental requirements and PCI DSS for different processes.
•Check and examine compliance with the banks' policies and procedure by IT teams and functions
•Apply and embed best practices in our audit assignments for different processes, best practices such as Cobit, ITIL, ISO27001, CMMI, BCI, ISO25999
•Participate in building audit programs for different IT processes and embedding best practices audit requirements as applicable to the current environment, best practice audit programs such as ISACA's audit programs, IIA's GTAGs and SANS.
•IT processes in scope :
o Information Security
o Network and Infrastructure
o SDLC
o User and Identity Access Management
o Policies and procedures
o Project management
o Office Automation
o Application controls
o business continuity and disaster recovery
o IT operations and support
o General IT controls
o Other IT processes based on risk based auditing.

IT Security & Infrastructure Officer at HSBC Bank
  • Jordan - Amman
  • July 2007 to August 2010

Responsible for IT security operations, design, implementation and culture, including IT security projects implementation, risk management, users awareness and training, monitoring and IT department oversight.
Also responsible for network infrastructure design/security and analysis

Senior IT Engineer at HSBC jordan
  • Jordan
  • May 2006 to July 2007

Responsible of IT operations/monitoring/troubleshooting for 5 branches located in Abdoun, Jabal Al Hussein, Al Madina Al Munawarah street, Khalidy Street and the main branch on the 5th circle, approximately 500+ users, this includes :

1. Responsible for Troubleshooting PC/Servers, network and security malfunctions.
2. Responsible for installing software packages for client/servers and detecting/reporting any bugs.
3. Responsible for reporting and following up major problems/malfunctions with Headquarters.
4. Responsible for design/implement network structure whenever is needed.
5. Responsible for keep IT environment stable and online 24/7. That includes servers, network devices, PCs, printers and ATMs.
6. responsible for monitoring system(s) stability, backup
Operations and system analysis.

7. Co-operate with HQ in Dubai for any domestic network/Server/system upgrade projects.

Credit Associate / ORM Associate at HSBC Bank Middle East Jordan
  • Jordan - Amman
  • August 2005 to May 2006

Working as Loans and credit associate, checking and processing retail credit facilities.

Working as outward remittances associate, checking and processing money transfers.

Education

Master's degree, Masters of Business Administration
  • at University of Wollongong in Dubai
  • November 2015

Business & Leadership

Bachelor's degree, Computer Science
  • at AlZAytoonah university of Jordan
  • July 2005

Computer Science and Programming

Specialties & Skills

IT Risk
IT Audit
Information Security Management
IT Governance
IT Strategy
TeamMate
Computer Skills
Data Analytics
IT Audit
IT Governance
Cyber Security

Languages

English
Expert
Arabic
Expert

Memberships

ISACA
  • member
  • November 2010
The Institute of Internal Auditors IIA
  • Memeber
  • November 2012

Training and Certifications

Certified in the Governance of Enterprise IT CGEIT (Certificate)
Date Attended:
December 2013
Security+ (Certificate)
Date Attended:
January 2010
Valid Until:
March 2010
Cisco Certified Network Associate CCNA (Certificate)
Date Attended:
January 2009
Valid Until:
March 2009
Certified Information Systems Auditor - CISA (Certificate)
Date Attended:
March 2011
Valid Until:
June 2011