Information Security Risk and Governance Senior Manager
Nahdi Medical Company
مجموع سنوات الخبرة :14 years, 0 أشهر
• Develop the strategic plan for the department including objectives, initiatives, and budgets, in line with the Company strategic plan, ensure that performance indicators are achieved and that delivery reports are submitted accurately and at the specified deadlines, and that the indicators meet policies and standards for an efficient and excellent performance.
• Build effective professional relationships with partners and stakeholders within and outside Company, to ensure the provision of necessary resources, the implementation of management and control activities of the expenditures to ensure the efficient and effective use of financial resources.
• Oversee the development and follow-up of the implementation of the Governance and Compliance strategy and methodology to ensure that Company’s interests and objectives are met, reduce risks, improve its reputation, and enhance the confidence of stakeholders.
• Oversee the risk analysis and assessment of Company, ensure, and update the risk register, develop controls and contingency plans to mitigate and reduce the impact on Company reputation and stability.
• Oversee the activation of the business continuity management program and disaster recovery plans.
• Oversee the ongoing follow-up of all local and regional government regulations and global best practices in the field of competition and antitrust to provide it to the relevant regulatory units and to ensure their application and compliance.
• Design, develop and monitor Control Systems to address violations of domestic legal norms and internal policies, and propose procedures and penalties that contribute to the reduction of any violations.
• Advise and support the Board and Senior management of Company on institutional governance principles for the implementation of the governance programs and effective risk management frameworks.
• Develop and follow up the implementation of policies and programs that contribute to building an environment of trust, transparency, accountability, and business integrity; to support Company in achieving its objectives and to continuously improve its reputation locally and regionally.
• Support the development, execution and monitoring of privacy strategies and programs in accordance with Saudi privacy laws and regulations.
• Align and collaborate cross functionally with stakeholders and management.
• Coordinates the completion of privacy focused risk assessments and development of risk mitigation plans. Guides development of privacy policies and sustainable frameworks to support compliance with international, federal, and state regulatory requirements.
• Plans and develops privacy training programs, communication plans and other activities Ensures privacy requirements are successfully integrated and monitored using performance metrics and other monitoring activities.
• Provides reporting and presentations to management on the status of the privacy program Provide departmental project support.
• Implement Data privacy and protection solution across the company.
• End to end security operations.
• Disaster Recovery for flexibility against cyber-attacks
• Business Continuity
- Reviewing and approving an IT governance strategy and policies around the effective use of information
technology.
- Overseeing progress reporting on strategic initiatives.
- Evaluating and monitoring the alignment and decision-making process between corporate objectives and
information technology priorities; and Ensuring that IT governance is included within the internal control
framework.
- Planning, prioritizing and organizing IT initiatives and allocating appropriate budgets within the institution;
- Directing resources toward information technology initiatives;
- Providing reports on the performance, effectiveness and security of the information technology infrastructure to
the board; and
- Providing progress reporting on major strategic IT initiatives (e.g. migrations between banking systems, new
products, etc.) to the board.
- Reporting monthly financial statement.
- Evaluating the systems internal control design and effectiveness; and
- Confirming that IT infrastructure is safeguarding assets, maintaining data integrity and operating effectively to
achieve the organizations goals or objectives.
- Managing IT Budget and expenses (Capex & Opex)
- Reporting to institutions to confirm that hosted and outsourced products have been properly audited and
assessed. (Third Party)
- Providing standards of sound business practices for IT governance and risk management;
- Assessing institutions’ adherence to standards of sound business practices around IT governance and risk
management; and
- Taking appropriate supervisory action and working with institutions to ensure that sound IT governance practices
are implemented.
Identify, understand and plan for organizational and human impacts of planned systems, and ensure that new technical requirements are properly integrated with existing processes and skill sets.
Al-Madani CV1
Plan a system flow from the ground up.
Interact with internal users and customers to learn and document requirements that are then used to produce business requirements documents.
Write technical requirements from a critical phase.
Interact with designers to understand software limitations.
Perform system testing.
Deploy the completed system and conduct Training the Stuff on how to use the system
Document requirements or contribute to user manuals.
Identify the organizations business needs by implementing Strategic planning
Define the organizations policies and procedure
standardize the organization’s workflows
Business to Customer Action List;
Responsible for Bona Adapt system, technically, help in team training, provide system administrator needs assistant and guide on the system
Implement B2C business structures
Responsible for B2C Processing development
Implement B2C policy & procedure
Responsible for B2C New Processing Training
Responsible for B2C action plan
Make sure each department received the action list after the weekly meeting
Follow up with other department regard the action plan list
Make the study & proposal for any new project or business lunched on B2C
Creates monthly, quarterly and ad hoc reports and analysis related to: Workforce Planning, Time-To-Fill, retention, and other recruiting related metrics. Ensures timely and accurate delivery of reports. Compile data from completed plans for Talent Acquisition Leadership review. Work with Talent Acquisition leadership to identify trends and complete analysis results to determine resource deployment to maximize Return on investment (ROI).
Manages recruiting charge back model; determines monthly charges to functional groups, communicates results to leaders, works with finance to ensure accuracy of charges.
Proactively outreaches to diversity organizations in each state to communicate open positions and promote employment brand in the local area.
Prepares quarterly reporting on outreach effectiveness and develop recommendations for changes in strategy to optimize efforts.
Partners with marketing in managing employment branding on social networking sites; ensure material is relevant, updated and meaningful to viewers/candidates we are trying to attract.
Provides project support for other Talent Acquisition initiatives as needed such as scheduling candidate interviews, supporting with background check process, and other recruiting assignments.
Acts as system administrator; supports all system related needs, issues, changes, etc.
• Support Finance & Accounting, Human Resources and other business units using Oracle e-Business Suite R12 platform and other core technologies.
• Provide functional support in identifying, evaluating and deploying effective business systems solutions and processes to solve complex business challenges.
• Effectively facilitate meetings and discussions within a dynamic business environment to elicit concrete and comprehensive requirements.
• Evaluate business requirements and determine capability of Oracle technologies to meet needs.
• Coordinate and manage diverse cross-functional project teams to address business and/or systems issues.
• Define and document specifications and procedures for automated systems, including system scope and objectives appropriate to the needs of the business.
• Interface with technical team members to help translate the requirements and specifications into technical design/solutions.
• Configure and test Oracle technologies to demonstrate alignment with business requirements.
• Design and prepare test plans/scripts. Conduct structured testing to validate proposed systems functionality and process improvements.
• Prepare and write functional/technical documentation and user training material.
• Conduct user training of deployed system solutions.
from October 2010 till May 2013:
• From July 2012 to April 2014:
Information System Administrator.
Team supervisor.
• From October 2011 to June 2012:
Business Support Unite Help Desk Coordinator
System Manager
IT Team Coordinator
• Qualified to work under HR, Admin and Organization development
• I was working in two department MIS (Management Information System) & HR (Human Resources) as system manager and help desk coordinator.
From October 2010 till October 2011:
• Analyzing and troubleshooting the system
• Developing the HR forms and makes it works more with both the system & HR used.
• Work as system administration for HR system called Akrebeia.
• Work as IT/IS teams assistant for 3 months
Worked at Islamic Development Bank for tow month (480 hours) as an Administrative Assistant in the Operations Policy & Services Department (OPSD), used:
• IDP ARCAD system for indexing ( for 3 weeks)
• Lotus Notes system
• IT department, basic in ADABAS database.
• IDP ARCAD system for indexing ( for 3 weeks)
• Lotus Notes system
• IT department, basic in ADABAS database.