Manager -IT Governance & Risk Management
National Bank of Abu Dhabi (NBAD)/ FAB
Total years of experience :23 years, 6 Months
IT Governance and Risk Manager
Managed the IT Risk Portfolio across NBAD globally to reduce operational exposures and provide adequate management visibility and oversight.
Established and managed the IT Risk Management Steering Committee advising on IT Security and risk issues faced by NBAD.
Provided direction to the NESA compliance initiative implementing suites of controls to protect against cybersecurity threats using a model of layered security.
Provided governance oversight and managed the compliance initiatives over regulatory requirements in 14 geographic locations and emerging markets spanning across the Middle East, Asia, Europe and North America.
Enhanced IT process efficiency and operating effectiveness by managing the COBIT 5 implementation.
Managed and advised on decisions addressing issues and challenges faced by IT Service Management.
IT Governance Group Leader
Developed IT’s balanced scorecard and reporting to better align IT to business objectives.
Developed and reported on key operational risk controls, key risk indicators, key performance indicators and other metrics for IT.
Managed IT Governance within ITD and advised on implementation of controls.
Established the IT Risk Management and Risk Assessment Frameworks and advised on their implementation. Developed the IT risk register and risk reporting to convey IT’s posture.
Developed and implemented the mandate and process to create IT policies and procedures.
IT Governance Sr. Consultant
Established charters and mandates for several steering committees including: the IT Steering Committee, Retail Operations, Change Advisory Board and Risk Management Steering Committees to enhance governance through organizational structure.
Invited by Abu Dhabi Police and recommended by NBAD executive management to assist in the security programs against e-crime in the UAE.
Developed policies and standards in line with PCI and industry best practices (COSO, COBIT, ITIL, ISO) and advised on their implementation.
Developed and managed the IT Audit, IT Security and Risk Consulting practice.
Developed sales strategies and marketing campaigns for IT audit and IT security services.
Developed customized IT audit and security programs for companies in various industries.
Defined repeatable and sustainable processes for assessing the IT and Information Security risks for clients.
Advised clients on how to remediate security gaps in their business processes.
Developed and presented IT audit, security and regulatory compliance materials at seminars to business partners and clients.
Generated a new revenue stream for the company. Built and maintained strong client relationships.