Total years of experience :16 years, 7 Months
Working in Risk Associates as Manager IT Governance, Risk & Compliance, Karachi Pakistan
Conduct & finalize IT Internal and External audit engagements including core business application controls review, IT General Controls, Entity level controls program - IT Portion, network & database review, financial audit queries with respect to information system controls;
•Manage and participate in business development activities including Proposal writing, scope determining, project planning and budgeting etc.
Worked in Al Mobarak CPA & Financial Consulting as Senior IT & Financial Auditor, Al Khobar, KSA
Conduct & finalize IT Internal audit engagements including core business application controls review, IT General Controls, Entity level controls program - IT Portion, network/ database review, financial audit queries of information system controls;
•Preparation of customized audit programs and checklist;
•Perform ratio, variance and trend data analysis of financial statements, bank payments and GL transactions and to identify irregularities or unusual entries;
•Perform detail audit & analytical reviews of Purchases, Sales, Inventory, HR, Insurance and Payroll processes with the help of data analysis;
•Vouching of invoices, payments and customer receipts based on selected data analysis;
•Review company's policies & procedures, code of conduct, contract & SLA and check their compliance and implementation.
•Assist audit manager in evaluation of financial & operational audit evidences, compilation of audit results/ research work
•Preparation of internal audit report and participation in client management meetings.
Responsible for reporting to the Information Risk Management (IRM) Manager and Director.
•Lead and conduct IRM external audit reviews of statutory/ interim audits of multinational, local companies and banks.
•Perform special type of engagements such as Agreed upon Procedures (AUP), data migration and transaction settlement review in Oracle financials.
•Review of internal controls, appraising management of significant weaknesses identified and make recommendation to follow best practices;
•Review of Business Processes and underlying system controls;
•Review integration controls btw systems and review system change management procedure and its implementation process;
•Assist to Manager in IRM Audit Support planning and team allocation;
•Meetings with client management for audit findings and finalization of audit report.
•Training and guidance to new audit trainees.
Trainings/Workshops
•Attended IDEAS software, Computer Assisted Audit Tools (CAAT) integrated with KPMG Audit Methodology.
•Attended workshop on Risk Based IS Audit Approach conducted by ISACA Karachi Chapter.
•Attended CSX Cyber Security (ISACA), ITIL, COBIT Foundation, COBIT Assessor, PRINCE2 Foundation and CCNA (routing and switching) training courses.
•Attended two (2) months CISA & CISSP training courses.
•Attended ISO 27001: 2013 ISMS Lead Auditor training conducted by SGS Pakistan.
Major courses comprise on the following: - Information Security - Database Management System - Knowledge Management System
