Taysir Ahmad PMP® ISO Lead Implementer-BCM CFE CICA OSHA

Scope of Work
Establishing a robust risk management and information security framework encompassing the review, assessment, and evaluation of risks that could adversely impact on the company's reputation, operations, safety, security, and financial standing. It requires designing and implementing frameworks to instill a risk prevention and mitigation mindset for all functions in the company including information security, crisis management, disaster recovery, business continuity, fraud detection and prevention and complying with industry certificationrequirements.

Role:
• Lead enterprise-wide risk governance within a regulated Credit Bureau environment, ensuring alignment with UAE Central Bank regulations, supervisory directives, and financial sector risk requirements.
• Review, interpret, and operationalize UAE Central Bank circulars, regulations, and supervisory notices, translating them into internal policies, control enhancements, and compliance action plans.
• Act as focal point for risk-related regulatory communications, ensuring timely assessment, gap analysis, and implementation of corrective measures in response to Central Bank directives.
• Ensure organizational adherence to regulatory requirements governing credit reporting, data protection, cyber resilience, outsourcing risk, and operational continuity.
• Design and implement an integrated ERM framework tailored to credit data operations, financial exposure, system resilience, and regulatory compliance.
• Establish and enforce the Three Lines of Defense model, embedding accountability across business, technology, and data governance functions.
• Oversee information security governance and cyber risk management for sensitive financial and credit data in line with regulatory expectations.
• Lead ISO 27001 and ISO 22301 renewals and ensure mitigation of audit findings to maintain regulatory and industry compliance posture.
• Conduct enterprise-wide RCSA exercises; maintain risk registers, regulatory action logs, and executive dashboards for reporting to the Director General and Audit & Risk Committee.
• Manage third-party and outsourcing risk assessments in alignment with regulatory outsourcing guidelines and information security standards.
• Act as central coordinator for crisis and major incidents, ensuring regulatory reporting considerations are assessed and addressed when required.
• Collaborate with Internal Audit to align annual risk assessments with regulatory priorities and supervisory focus areas.
• Establish Key Risk Indicators (KRIs) linked to the enterprise risk register to monitor top risks, enabling early detection, trend analysis, and timely escalation to senior management.
• Conduct enterprise-wide RCSA exercises; maintain risk registers, regulatory action logs, and executive dashboards for reporting to the Director General and Audit & Risk Committee.
• Establish the Risk Appetite and Risk Tolerance framework, including setting KRI thresholds for high and critical risks to support proactive risk monitoring and escalation.

Scope of Work
Analyze and manage risk management issues by identifying, measuring, and making decisions on operational or enterprise risks for an organization.

Role:
• Formulating & implementing long-term & short-term objectives/ policies, detailed procedures, framework of Enterprise Risk Management function
• Drafts and delivers reports and presentations outlining findings, identifying, and explaining potential risks, and recommending solutions.
• Reviews of financial data and other information related to business operations.
• Gathers and compiles data related to risk from internal and external resources.
• Identifies potential risks by analyzing data, observing process, and talking to staff.
• Selects or develops and implements appropriate risk assessment models or methodologies.
• Develops and implements contingency plans to manage business interruptions, volatile market
events, and other emergencies.
• Devise scenario analysis reflection of possible severe market events
• Conduct statistical analyses to quantify risk using statistical analysis software or econometric models.
• Ensure and/or facilitate adequate communication concerning key risks.
• Drafts and/or evaluates risk disclosures and similar documentation.
• Maintains knowledge of existing and developing laws and regulations related to the organizations industry; assesses and explains how new requirements may affect the organization in terms of risk exposure.
• Reviews of any new major contracts or internal business proposals.
• Build risk awareness amongst staff by providing support and training within the company.
• To assist the Head of Risk in developing & updating standard instructional documents/procedures for the departments and ensure effective discharge of department’s functions.
• Assist Head of Risk in developing, organizing, and following document control mechanisms for the ERM.
• Develop training/ workshop material and workshops across the organization on various topics relevant for risk assessment and BCM.
• Advising Top and senior managers on policy strategies for reducing liability and preventing losses.
• Promoting enterprise-level risk management practices and helping instill strong culture focused on protective policies and procedures.
• Developing, deploying and enhancing procedures to reduce institution's exposure to fraud.
• Following up on all subject related follow-up on topics related to the National Emergency, Crisis and Disaster Authority
• Establish the Risk Appetite and Risk Tolerance framework, including setting KRI thresholds for high and critical risks to support proactive risk monitoring and escalation.

Scope of Work
Analyze and manage risk management issues by identifying, measuring, and making decisions on operational or enterprise risks for an organization.

Role:
• Formulating & implementing long-term & short-term objectives/ policies, detailed procedures, framework of Enterprise Risk Management function
• Drafts and delivers reports and presentations outlining findings, identifying, and explaining potential risks, and recommending solutions.
• Reviews of financial data and other information related to business operations.
• Gathers and compiles data related to risk from internal and external resources.
• Identifies potential risks by analyzing data, observing process, and talking to staff.
• Selects or develops and implements appropriate risk assessment models or methodologies.
• Develops and implements contingency plans to manage business interruptions, volatile market
events, and other emergencies.
• Devise scenario analysis reflection of possible severe market events
• Conduct statistical analyses to quantify risk using statistical analysis software or econometric models.
• Ensure and/or facilitate adequate communication concerning key risks.
• Drafts and/or evaluates risk disclosures and similar documentation.
• Maintains knowledge of existing and developing laws and regulations related to the organizations industry; assesses and explains how new requirements may affect the organization in terms of risk exposure.
• Reviews of any new major contracts or internal business proposals.
• Build risk awareness amongst staff by providing support and training within the company.
• To assist the Head of Risk in developing & updating standard instructional documents/procedures for the departments and ensure effective discharge of department’s functions.
• Assist Head of Risk in developing, organizing, and following document control mechanisms for the ERM.
• Develop training/ workshop material and workshops across the organization on various topics relevant for risk assessment and BCM.
• Advising Top and senior managers on policy strategies for reducing liability and preventing losses.
• Promoting enterprise-level risk management practices and helping instill strong culture focused on protective policies and procedures.
• Developing, deploying and enhancing procedures to reduce institution's exposure to fraud.
• Following up on all subject related follow-up on topics related to the National Emergency, Crisis and Disaster Authority
• Establish the Risk Appetite and Risk Tolerance framework, including setting KRI thresholds for high and critical risks to support proactive risk monitoring and escalation.

Scope of Work
Analyze and manage risk management issues by identifying, measuring, and making decisions on operational or enterprise risks for an organization. In addition to developing contingency plans to deal with emergencies.
Role:
• Formulating & implementing long-term & short-term objectives/ policies, detailed procedures, framework of Risk Management
function
• Drafts and delivers reports and presentations outlining findings, identifying, and explaining potential risks, and recommending
solutions
• Reviews financial data and other information related to business operations
• Gathers and compiles data related to risk from internal and external resources
• Identifies potential risks by analyzing data, observing process, and talking to staff
• Selects or develops and implements appropriate risk assessment models or methodologies
• Develops and implements contingency plans to manage business interruptions, volatile market
events, and other emergencies
• Devise scenario analysis reflection possible severe market events
• Conduct statistical analyses to quantify risk using statistical analysis software or econometric models
• Ensures and/or facilitates adequate communication concerning key risks
• Drafts and/or evaluates risk disclosures and similar documentation
• Maintains knowledge of existing and developing laws and regulations related to the organizations industry; assesses and explains
how new requirements may affect the organization in terms of risk exposure
• Reviews any new major contracts or internal business proposals
• Builds risk awareness amongst staff by providing support and training within the company
• To assist the Department Manager in developing & updating standard instructional documents/procedures for the departments
and ensure effective discharge of department’s functions
• Assist Department Manager in developing, organizing, and following document control mechanisms for the ERM
• Develop training/ workshop material and workshops across the organization on various topics relevant for risk assessment and
BCM
• Advising senior managers on policy strategies for reducing liability and preventing losses
• Promoting enterprise-level risk management practices and helped instill strong culture focused on protective policies and
procedures
• Developing, deploying and enhancing procedures to reduce institutions exposure to fraud
• Following up on all subject related follow-up on topics related to the National Emergency, Crisis and Disaster Authority
• Working to implementing the GRCs governance system in the company
• Creates business continuity plans to limit risks

Formulating & implementing long-term & short-term objectives/ policies, detailed procedures, framework of Risk Management
function
• Assisting Emirates Transport to achieve all the mitigation plans of the first top twenty risks and reduce the significance of top risks
• Analyzing feasibility studies and relevant documents of new business lines and new projects, and then providing related
recommendations to improve the controls
• Maintaining Risk Process, identifying risk, evaluating, analyzing, reviewing acceptable level, identifying risk response &
implementation and facilitation of the Enterprise Risk Management processes and infrastructure as a key enabler to achieving the
strategic objectives of the organization
• Ensuring that all risk managements polices & Procedures are in line with the ISO 31000 Risk Management System
• Working as Risk Manager in absence of Risk Manager
• Designing follow-up report with the respective departments and update the risk register accordingly
• Analyzing the results & data on the main risk indicators of all financial statements receiving from the Department of Finance
• Studying the risks associated with new project studies & associated risk analysis and developing risk management plans to mitigate
them
• Participating in the establishment of a report on the new operational risks arising from the work environment and the analysis of
all inputs and risks resulting from the conditions of the work environment
• Formulating reports to compare the rise or fall in risk outcomes based on the effectiveness of treatment plans and analyses risk
outcomes through a report to senior management
• Developing detailed reports in which risks are analyzed based on similar periods of the previous year and a review of the reasons
that led to it, and plans are developed to address these reasons
• Preparing reports of any emerging risks so that the reasons are analyzed, and plans are developed to avoid risk or mitigate the risk-
related impact after an analytical risk study is carried out
• Working with GRCs governance system
• Following up on all subject related follow-up on topics related to the National Emergency, Crisis and Disaster Authority
• Encouraging stakeholders to approach assessments analytically and offer unique insights to bring new understanding to risk
management programs
• Educating employees how to control risks at front line, including how to interpret and apply sound policies
• Investigating allegations to check validity and recommend actions to minimize risk
• Completing statistical reviews to uncover trends, patterns and variations
• Advising senior managers on policy strategies for reducing liability and preventing losses
• Promoting enterprise-level risk management practices and helped instill strong culture focused on protective policies and
procedures
• Developing, deploying and enhancing procedures to reduce institutions exposure to fraud

Role:
• Analyzed the risk and followed the financial risk and client-related risk analysis
• Gathered the corporate risk register and facilitated workshops to evaluate Residual Risk after analyzing the risks associated with
the customer and their impact on financial profitability
• Conducted risk analysis based on the inputs from the business & document mitigation strategies associated with each risk provided
• Ensured to follow up on the classification of the customer in the Central Bank and followed up any observations raised by the other
banks to be used as one of the inputs in analyzing and assessed the financial risk of the client
• Estimated the financial liabilities of the customer at all banks in relation to the cash flows and analyze the customers ability to meet
the financial obligations
• Arranged the customers account to high, medium, low risk after analyzing all the data, inputs and financial balance of the client to
make the appropriate decision regarding the customers obligations with the bank
• Shared the non-responding customer accounts to the field visits department to inspect the customers work site. The results of the
field visit are used as one of the inputs in the risk analysis
• Monitored, followed-up and escalated cases to meet customer response commitments
• Reviewed and analyzed client support usage and formulated recommendations in collaboration with Risk management teams
• Compiled database of loan applicants credit histories, corporate financial statements and other financial information
• Reviewed and edited loan agreements to promote efficiency and accuracy

Role:
• Functioned on FC system and OBIEE report and all reports issued by OBIEE report
• Reported the risks of working procedures and its conformity with the decisions and actions and give birth to extreme risks
orientation or report
• Monitored risk of daily operational vouchers received from bank branches and departments against computer reports received
from ISD
• Exanimated operational risk of non-financial transactions, so called Easy Data, such as New Accounts Data and changes of Accounts
status
• Ensured checking and approval of interest Rates also Checking of Foreign Currency Rates
• Verified new ATM & Credit information and modifications
• Checked ATM rolls upon request from Related Branch or Card Dept.
• Monitored and adjusting of financial differences such as:
o Audit Trial, (Single Sided Entries)
o Assurance of incoming and outgoing Transfer Accounts Clearance and written the point of risk review of income reversals and
Expense increase forms
o Checking of All Out Going Payments either related to, Expense invoice, such as telephone bills, stationary, Electricity bills, Staff
Training, Invoices, Donations and Petty cash expenses or Contract instalment payments such as insurance or Maintenance
o Checking of Staff medical Expenses, i.e. Doctors, Pharmacies, Hospitals and Medical Labs
o Checking of limit maintenance report against documents received from risk management dept.
• Reset all intermediate accounts (Suspense account) after launching the OBIEE system