Specialist - Risk Management & Business Continuity
Aspire Zone Foundation
Total years of experience: 19 years, 6 months
▪ Responsible for managing the group Risk Management and Business Continuity portfolio of the foundation, consisting of Aspetar Hospital, Aspire Academy, Aspire Logistics, Sports Facilities and Corporate Office.
▪ Drove area of ORM in alignment with local regulation and RM framework.
▪ Directed and supervised BCM developments, plan implementation and BC program management.
▪ Oversee semi-annual operational risk assessment exercise with all functional areas to produce the Operational Risk Register. Feed relevant inputs for the determination of the high risks.
▪ Established Key Risk Indicators (KRIs) and determined the limits and monitor these on a quarterly basis.
▪ Coordinate with Executive management and Functional leaders (Technologists, Corporate Support, Medical Advisors, Academicians) in establishing business continuity strategies and operational resilience.
▪ Established an operational risk appetite and monitored the risk profile to ensure compliance. Carried out loss data event collection and reported a quarterly dashboard to the Risk Management Committee.
▪ Optimize resources management by identifying, designing, and implementing common Operational Risk & Business Continuity strategies across the foundation.
▪ Established ORM, BCM policies, objectives, scope, framework, KPIs, success criteria, and project plans.
▪ Reviewed and evaluated subsidiaries BCM plans, strategies, BCM documentation, training needs, resources requirements, budget, test plans, test reports, BIAs, risk assessment, and mitigation plans.
▪ Established and executed a three-year training program to impart and elevate practical knowledge, hands-on experience, and resiliency maturity at the strategic, tactical, and operational levels.
▪ Digitized BCM training and awareness program to minimize operational cost.
▪ Designing and facilitating periodic emergency drills, Business relocation exercise and crisis call-outs.
▪ Conducted BCM due-diligence audits, cross functional audits.
▪ Participated in international forums to ensure adherence to regulatory expectations, global standards ISO 22301, and industry best practices for strengthening resilience directives across the foundation.
▪ Provided senior management with an oversight of Integrated Business Continuity framework to ensure resiliency and continuity of operations between Kuwait and UAE.
▪ Established collaborative approach towards response and resolution of incidents involving Information Technology, Facility Management, and business units for crisis management.
▪ Reviewed Technology transformation plan of migrating Core banking system and surround applications into a unified enterprise architecture for the new vision of “Simpler Banking”
▪ Reviewed solution architecture to ensure high availability and operational resilience during data migration and process cutovers for Treasury systems, E-channels, and Card management.
▪ Implement an internal control framework in alignment with RM macro framework. Conducted interviews with the process owners to understand the nature of existing controls against key risks within each process.
▪ Evaluated design effectiveness (DE) and operational effectiveness (OE) of existing controls and agreed an action plan to address the gaps, including technology migration phases and point of no return.
▪ Drove bank-wide Business Impact Analysis (financial impact & non-financial impact) and Threat Risk Assessment.
▪ Revamped and digitized BCM Policy, strategy, recovery plans for simpler governance and improved recovery timelines (RTOs / RPOs) as part of bank’s new vision and strategy.
▪ Oversee DR Tests and BC exercises to ensure results are progressively improved as per defined parameters.
▪ Led team of BCP Analysts and BCP officers.
▪ Completed all pending transition formalities of BCM Department from Corporate support to Risk Management.
▪ Expanded DR capacity in terms of System, Storage as well as workstations within allocated budget.
▪ Provide DR guidelines and reviewed IT DR Plan. Managed IT DR simulation test on ETHIX- Core Banking System.
▪ Successfully performed Failover test (Systems / application / network) for core banking, branches.
▪ Ensure business & support units establish continuity measures for bank's new products and services.
▪ Supported operational risk assessment of RCSA, Investigations on Events and root cause analysis of incidents, control evaluations and preparations of reports to Risk Management committees.
▪ Analyzed loss events and created measures to protect the bank by means of recommending design workflow processes, updating policies and procedures, adding system enhancements.
▪ Reviewed changes to business operational risk profiles to ensure they are adequately considered, mitigated, and addressed prior to the implementation of major projects and products.
▪ Assisted Chief Risk Officer in preparation of annual budget, and reporting BCM performance scorecard to Board Risk Committee.
▪ Led Information security implementation efforts across the bank and successfully achieved ISO 27001 Information Security Management System for the Bank.
▪ Established data classification, information labelling, CIA valuation and performed Risk assessment, Business Impact Analysis, defined recovery strategy for iMAL- Core Banking System.
▪ Established Recovery Time Objectives for Networks/ Servers/ Database/ Tools and Resources bank wide.
▪ Defined risk parameters, baselines controls and implemented PCI-DSS on Visa/Master Cards Data services.
▪ Established DR site and alternate BCP locations with workstations to cater to the bank’s mission-critical operations.
▪ Spearhead bank’s Security Intelligence Management project, integrated bank wide physical security and building security control systems to a unified security control platform.
▪ Evaluate Branch traffic (Arrivals & Services) and design Branch Matrix for Implementing Branch Recovery plans.
▪ Implemented RPX Recovery Planner automation solution to digitize recovery planning.
▪ Performed Applications, Network Failover tests for core banking and supporting systems.
▪ Conducted DR/BCP simulation exercise, full-scale mock drill and successfully managed two live events.
▪ Assisted CIO in defining Policy and Procedures, end of day and cut-over process, IT Governance processes and Due diligence reports.
▪ Audited IT Controls, processes, security policy and procedures at client facilities to ensure Confidentiality, Integrity, and Availability triad, to ensure client data are secured, and recoveries are guaranteed.
▪ Introduced Integrated Resilience Management (IRMS) and performed Application Profile Indexing for the successful implementation of Living Disaster Recovery Planning System (LDRPS) to client (Citi Bank)
▪ Core team member to implement BS7799 Information Security Management Systems across India locations.
▪ Assisted in implementation planning, analyzing, and tracking security requirements for projects.
Business Administration & Information Systems
Commerce & Taxation