Technology Risk - Consultant
Protiviti Middle East Member Firm
Total years of experience :2 years, 2 Months
1. Performing External & Internal Audit planning and fieldwork including but not limited to IT Systems &
ISMS Audits based on ISO 27001:2013, IS/ IT Process Audits, General IS/ IT Controls & Application Controls Testing.
2. Conducted current state assessments as per the CBK CSF Framework for multiple banks in Kuwait.
3. Implementation of information security management system in line with ISO 27001:2013 requirements for multiple clients.
4. Assisting the consulting team in designing of project and audit plans by identifying and documenting risks associated with IT, Information Security, IT Governance, and Cybersecurity acknowledged during the audit fieldwork.
5. Developing recommendations for improvement including progress and refinement of working papers, final reports, and wrap-up of engagements.
1. Responsible for performing IT Internal Audit planning, fieldwork which includes General IT Controls
Testing.
2. Assisting in completion of the annual audit plan by identifying and documenting issues acknowledged
during the audit.
3. Performing Internal Control Reviews (ICR) & Implementation of Segregation of Duties (SOD) Matrix.
4. Conducted current state assessments as per the CBK CSF Framework for multiple banks in Kuwait.
5. Developing recommendations for improvement including progress and refinement of work programs,
final reports, and wrap-up of engagements.