Ali Fayad

Information & Cyber Security Compliance, & Governance.
Lead the alignment and inter gratin of the bank’s information security and risk a management programs with Cybersecurity standards and frameworks.

Key responsibilities of Anti Financial Crime Sanctions Monitoring Compliance Manager:

Contributing to delivery of the Annual Compliance Monitoring Plan by producing quality reviews

Performing complex Monitoring reviews

Providing advice and guidance to the business on necessary actions to achieve regulatory compliance, addressing any issues arising from monitoring reports

Reporting to management on levels of Compliance Assurance and/or any issues arising from specific monitoring activity

Sharing Compliance expertise with the team, providing support, guidance and training when needed

Continually improve Compliance Review systems and processes, with a focus on business service levels, productivity, efficiency and customer service

Assist the Group Chief Risk Officer in Manage the implementation of all aspects of the operational risk function, including implementation of processes, tools and systems to identify, assess, measure, manage, monitor and report operational risks across Burgan Bank Group middle east, North Africa & Europe & represent as Risk Manager for Burgan Bank Financial Service Limited (BBFS) Dubai
- Support the further development of the global Risk Framework for management of Operational Risk to meet requirements from internal and external stakeholders.
- Involves the development, and monitoring of risk policies, risk methodology and tools, in line with best practice.
- Ensure that operational risks associated with their respective processes, people and systems, and from external events are identified and understood.
- Act as an internal subject matter expert and develop organization capability around risk governance and decision processes aligned with risk strategy.
- Ensures that Burgan Bank Group (Head Office and Subsidiaries) has appropriate strategies and frameworks in place to assess, manage and report on operational risks.
- Assist and coach the various entities of Burgan Bank Group (Head Office and Subsidiaries) with the implementation of operational risk framework.
- On going monitoring of the framework for management of the Operational Risks and its components
- Insure formal Risk Assessment Methodology, which involves analyzing risks as well as identifying, describing and estimating the risks affecting the business.
- Represent Risk Management on corporate policy initiatives impacting or governing risk governance and control.
- Assisting the Principal Risk Owners and Principal Risk Coordinators with the identification of key risks and mitigating controls in their business units, as well as action plans to address any gaps in the mitigating measures identified.
- Ensure regulatory compliance guidance for operational risk management.
- Interact with auditors/regulators as subject matter expert for assigned governance aspects.
- Establishing and quantifying the Banks’s 'risk appetite' e.g. Risk Mitigation Plan Methodology
- Assisting the Group Chief Risk Officer in preparing reports to the Operational Risk Forum, Risk Committee, and Executive Management.
- Considering and suggesting methods to improve risk analysis and reporting to the Operational Risk Forum, Risk Committee, Executive Management.
- Promote a culture of risk awareness throughout the Bank Group (Head Office and Subsidiaries)
- Review and Implementation of respective Policies & Procedures,
- Support of implementation of Retail Credit, Liquidity, Operational and Market risks policies and procedures.

Championing best practice in Risk Management across Zain operations. Ongoing collection of information on risk and risk treatments across the group, for maintenance of the group Risk Register and preparation of the annual Risk Management report to be presented to the Management.
Assist in designing; implementing and maintaining Zain RM process including identification of financial, operational, people security & safety risks.
Established and served as secretary of the Group Risk Management Steering Committee tasked with overseeing the unified Risk Management and Information Security strategy and determine the organization's risk appetite;
Review audit and compliance reports relating to Risk Management.
Identify issues of non-compliance with the Group RM Policy and notify and give advice to key management on status of resolutions.
Compile and maintain a consolidated Register of Risk and Risk Treatments relating to Zain Group.
Draft the annual RM report to be presented to the Management.
Provide training and guidance on Risk Management to Zain OpCos
Compare Zain Group's RM with telecoms operators in similar markets International Standard.
Perform Risk Assessments and Business Impact Analysis for Zain Operations.
Perform site visits to Zain OpCos in order to appraise the quality of their risk management framework and educate staff Qualifications and Experience.
Assist in developing Physical and Safety Security Policies, strategies and guidelines
Assist in developing Business Continuity Management policies, strategies and guidelines
Assist in a crisis management role in the event of a business disruption. This includes, but is not limited to, coordinating the initial communications and incident assessments of senior management, managing and serving in an incident command centre role, coordinating the responses of internal and external service providers, and providing ad hoc status and recommendation reports

Jan 2010 - Sep 2010 Zain Group - Bahrain
Zain Group Risk - Information Security Specialist
• To implement, test & maintain all the ISMS systems (ISO27001)
• To assist in the establishment of Information security Management Policy and procedures within the designated territories
• To participate in the Risk Assessment and Business Impact Analysis
• Promote Information Security within the respective Operations
• Maintain and embed the Information Security Management program within the Zain culture (awareness campaigns)
• Schedule, supervise, conduct and evaluate Information Security exercises
• Developing Information Security Management policies, strategies and guidelines
• Developing Business Continuity Management Policies, strategies and guidelines
• Developing Physical and Safety Security Policies, strategies and guidelines

2008 - 2010 Zain Group Bahrain
Zain Group Risk - Business Continuity Management Specialist
To assist in the launch, assessment, implementation and maintenance of Business Continuity Management within the assigned territory
• To assist in the establishment of BCM within the designated territories
• To participate in the Risk Assessment and Business Impact Analysis
• Perform RAs and BIAs
• Promote BCM within the respective Operations
• Maintain and embed the BCM program within the Zain culture (awareness campaigns)
• Schedule, supervise, conduct and evaluate BCM exercises
• Assist in developing BCM policies, strategies and guidelines
• Conduct BCP plan reviews, fieldwork and business analysis associated with the implementation or update of business continuity measures, including but not limited to risk analysis, business recovery requirements analysis, recovery option analysis and testing
• Assist in a crisis management role in the event of a business disruption. This includes, but is not limited to, coordinating the initial communications and incident assessments of senior management, managing and serving in an incident command centre role, coordinating the responses of internal and external service providers, and providing ad hoc status and recommendation reports
• Assist Department Managers in developing Business Continuity Plans, Disaster Recovery Plans, Crisis Communication Plans
• Maintain, adapt and shape DRPs, BCPs, and CMPs all over Zain Operations

October 2004 - 2008 Mobil Telecommunication Company - Zain - Kuwait
Corporate Security Department - Information Security Administrator
Assumes overall responsibility for ZAIN's central data security & Information Security policies, architecture & procedures. Works with constituent groups to create, document, implement & manage policies, procedures & practices that ensure the availability, integrity & privacy of information asset on centrally managed computer systems.

December 1995 - 2004 Mobil Telecommunication Company - Zain Kuwait (MTC)
I.T. Department - Operating and Maintenance Section - Systems Operator

1993 - 1995 - Al Qabass Newspaper -Kuwait
Computer Operator