Senior Analyst GRC (Governance Risk & Compliance
National Bank of Pakistan
مجموع سنوات الخبرة :18 years, 2 أشهر
Policy Management life Cycle: From Creation, Communication, Management & Maintenance, contribute to, interpret and disseminate IS policy, standards development and awareness.
ERMC, BRC, BOD & Business Group: Representation, Presentation and Review of different policy matters for relevancy, accuracy, & impact after prescribed time frame as defined in the Policy Charter.
Governance, Risk & Compliance (GRC): Implementing Governance Risk & Compliance Framework issued by SBP, studied international best practices which covers different GRC suits like RSA Archer-Administration, OCEG GRC, Oracle GRC Suite etc.
Information Security Risk Management Framework: A comprehensive framework on Information Security Risk Management from establishing Risk Context to Risk Analysis, evaluation, communication and monitoring.
Risk Management Policy & Procedure: Reviewing & Coordinating Risk Management Policies for RMG at NBP, advising Controls & Procedural improvement, reviewing GAPS with other functions Groups in implementation. Advocating strategies in Remediation for Controls and Procedures in implementation.
Data Governance Framework: Development of comprehensive framework on Data Governance, creating Data Governance Council its mandate and members, Data quality focused areas etc.
Business Impact Analysis, Business Continuity & Disaster Recovery Document: In a development phase of constructing and monitoring BCP & DRD, Conduct comprehensive Business Impact analysis.
IT-Risk Management, Security, Basis & Application Controls: Tracking of information/cyber security issues arising from Different assessment program like BIA, Risk metrics, Internal, External and SBP audit.
Business Process Review & Internal Control Implementation COSO ERM Framework: Develop Process inventory and re-engineering them, and Internal Control Implementation, Enterprise risk- COSO Framework.
Project Management: Overall project management, development and implementation of software development projects. While working in at Electronic Credit Bureau Department we established the department based on the guideline provided by PMI’s Project Management Body of Knowledge (PMBOK).
Credit Bureau ERP Implementation: Net Sol Pvt LTD, Lahore (Pakistan): 02 Full Cycle implementation.
-----------Financial Analysis & Risk Management: Treasury Middle Office-----------------------------------
----------Group Financial Investment/Credit Analysis & Risk Measurement
Analyzing Credit Proposals for Disbursement and sanctioning
Calculating MCR (Minimum Capital Requirement ) for the Bank
Credit risk calculation engine on the basis of standardized approach
Credit Risk Review analysis of cases, presented to Board Risk Committee.
Capital Adequacy Ratio (CAR) calculation.
Risk Rating Analysis, Working for PACRA/JCR-VIS
Stress Testing (Scenario Based Analysis)
MIS-Analysis (Covering Peer Group Analysis, Sector Analysis, NPL’s Analysis etc.)
Start Documenting COSO Model framework (Risk Analysis and Assessment frame work)
Portfolio Analysis, Sharpe and Trenor Ration analysis.
Analyzing and forecasting Budgets for the Group
Financial Modeling and Analysis including projecting cash flows of advances and deposits.
Analyzing Future Trends.
Sector Analysis like Automotive, Cement, etc.
Financial Ratio Analysis and Trends
Analyzing EBIT (Earnings before Interest and Taxes) and projection Analysis.
Interest Income Analysis
Enterprise Risk management (ERM)/Credit Analysis (Calculating PD's, Portfolio Analysis, Diversification & Correlation analysis)
FCF (Free Cash flow) analysis.
---------Market Risk (Interest Rate-Liquidity-Forex) Measurement & Management-----
Covering Foreign Exchange limit monitoring (Foreign Currency wise exposure Limit, FEEL, Dealers Limit)
Interest Rate Risk CRR, SLR Money Market Report, Daily Inflow/Outflow, Dealers limit monitoring etc. Equity Price Risk covering Both Internal i.e. our own policy as well as SBP prudential regulations.
Liquidity up to the extent of Balance Sheet Gap Report, rate sensitivity Report etc.
-------Basel-II/Operational Risk Measurement & Management
Worked on Minimum capital requirement (MCR) and stream lining supervisory review.
Operational loss Databases and Contingency planning.
Working towards VaR(Value at Risk ) calculating on Sample Data for pre planning
COSO Model Implementation -creating Audit rating Modules.
BPR (Business Process Review) Implementation at Credit Risk Review phase.
•Core Banking Implementation-Profile module as part of integration team with eCIB.
•Implementation of ERP which includes Business Process Analysis and Redundancy management
•Monitoring of user roles and timely updating of system patches.
•ERP Disaster recovery and Business continuity planning.
•Creating common point of interaction of all Data Bases within an organization.
•SDLC analysis and Risk identification.
•Bringing operation efficiency by implementing COSO stages and Business Process Reviews analysis.
•Information Architecture Design and Implementation.
•Performing Business Data Analysis including Peer Group Analysis.
•Information system auditing and defining security policies
•Implementation of Data ware housing solutions (proposal monitoring)
•Provide online training and support to regional staffs
•Submission of Electronic Credit Information Reports to SBP.
•Supporting a team of more than 100 online and off line user of eCIB Terminal.
•MIS reporting of data of NBP all branches on national level.
Associate Chartered . U.K Qualified Stage I , II & III Qualified Professional .
Distinguish-M.B.A from I.B.A (Institute of Business Administration) Karachi. Majors in Management Information System /Financial Risk Management. Master in Business Administration from Institute of Business Administration, Karachi set up by Wharton School of the University of Pennsylvania in 1955 and amongst Top 8 Business Schools of South Asia. I am also level I & II Qualified JAIBP Banking professional and a candidate of Level III.
Bachelor of Sciences in Computer Science from Pakistan Air Force- Karachi Institute of Economics & Technology. 4 Years Degree in Computer Science.