Head IT Audit
Bank Dhofar
Total years of experience :22 years, 9 Months
Heading IT Audit Unit of the Bank to examine internal IT controls, audit information systems and projects, evaluate the design and operational effectiveness, determine exposure to risk, and compliance with applicable laws & standards.
Key Achievements:
• Cyber Security Maturity Assessment: Bank wide security maturity assessment in 2021 & 2022 to provide the Board with insight into gaps, weaknesses, and control improvements.
• PCI DSS / ISO 27001 Compliance Programs: Improving maturity by yearly reviewing the compliance of PCI-DSS and ISO 27001.
• Projects: Auditing projects to strengthen the control environment prior to go-live or deployment in production.
• Investigations: Lead several critical technology-related investigations in areas of IT Controls, Card Skimming etc.
• Security Audit: Yearly visit to Card Processing site, Bahrain for the Security Audit / Review.
• Certificate of Appreciation: Received appreciation certificate in 2013, 2014, 2015, 2017 & 2019 for outstanding
performance and significant contributions to Internal Audit Division.
Led IT Audit Unit of the Bank with responsibility for information systems audits, evaluated the internal controls and compliance with the applicable laws and standards to enhance efficiency, accuracy, and security.
Led the IT/IS Compliance Unit in one of the largest Banks in Pakistan. I led the team and promoted continuous compliance culture through RCSA within ITG, liaison with ITD team(s), and internal audit during the audit cycle for timely and accurate submission of data and to ensure proactive compliance with the applicable laws and corporate standards.
Key Achievements:
• Outstanding Observations: 1000+ IT/IS Audit observations complied/closed in a year which were outstanding since last 3-4 years and bring the outstanding number to minimum level.
• Audit Report Grading: Received report grading “Good” or higher on more than 60% Internal Audit Reports in year 2012.
• Service Team: Achieved Service team of the Quarter (Jan2012 - Mar2012) award in appreciation of Outstanding
Commitment.
Initially, worked for 7 years in the IT Infrastructure unit of the IT Division, and in June 2008, I transferred to the Audit & Inspection Group and led the IT Audit Unit with the responsibility to audit the information systems in local and international locations (Bangladesh) and recommend control improvements for a secure and effective control environment and compliance with the applicable laws and standards.
Key Achievements:
• Led the team to conduct the international audit at Bangladesh, oversee control and operational effectiveness, and recommended the controls in compliance with applicable laws and corporate standards.
• Led & evaluate the project implementation audit for the new T24 banking platform, one of the largest system implementations in our Bank’s history. This resulted in a complete change in our banking strategy where we moved to a centralized model leading to more customer friendly products and reduce Turnaround time for customer services
• Assist in Managing Infrastructure Department of IT Division, Head Office which support to all over the Bank including Islamic & overseas branches.
• Implementation and management of IT strategies, policies and security procedures for all related areas in the bank including Islamic & Overseas.
• Identify and address infrastructure bottlenecks and areas of improvement. Provision of reports for higher management.
• Correspondence to Risk Management & Audit Division regarding IT security, infrastructure deployment & implement IT security in all branches.
• Supervised installation, configuration, implementation, & troubleshooting of application software, hardware, Exchange Server, Operations related Issues to all over Pakistan and overseas branches.
• Coordinate with IT Coordinators to resolve IT Infrastructure related issues of branches / regional hubs.
• Coordinate with the different vendors for Annual Maintenance Contract.
• Supervision of duties of Operation Unit of IT Division.
• Supervised Installation, Configuration and Troubleshooting of Windows Server 2000/2003 on Compaq / HP ProLiant ML 330/350/370/530 & DL 380 Series Machines and Windows 9x/2000/XP clients.
• Management for email and internet client support to Head Office and branches all over Pakistan
• Supervised management & troubleshooting of centralized Antivirus software and Group Policies to implement security for Information Systems from different viruses & intruders all over Pakistan and overseas branches.
• Live & Up-to-date backup server’s in case of any disaster of primary server.
• Oversee and participate in systems side implementation of the Application Software namely, BankSmart, all over Pakistan and overseas branches in Bangladesh.
• Coordination with the different vendors for warranty claims, repair and maintenance.
M.C.S. (Computer Science) University of Karachi 1999-2000
B.Sc. (Hons.) Statistics University of Karachi 1996-1998
URL removed due to policy violation. Please contact support for further information.