Gustav Mphusu
Chief Information Security Officer at BANK OF AFRICA TANZANIA LIMITED- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
0
/5.0 / Based on 0 ratingsFilter reviews by:
Experience
-
BANK OF AFRICA TANZANIA LIMITED
-
Tanzania
-
Banking
-
200 - 300 Employee
-
Chief Information Security Officer
-
Mar 2022 - Present
Tanzania
-
-
-
-
Head of Technology Risk, Compliance and Information Risk Management
-
Feb 2020 - Mar 2022
Dar Es Salaam, Tanzania
-
-
-
-
Head of Technology Risk, Compliance and Information Risk Management
-
Aug 2017 - Feb 2020
-
-
Assistant Vice President - IT Risk and Compliance
-
Apr 2013 - Feb 2020
Tanzania Accountable: IT Risk Monitoring & Compliance AND People Management • Managing and reporting for all IT Governance and technology Risk initiatives both in-country and from regional office. • Fronting and managing all IT Audits end-to-end. • Ensuring closure of all audit observations within agreed timelines. • Perform and manage Risk control assessment and control testing to evidence if all the controls are audit proof and evidenced. • Drafting, enhancing and implementing policies,… Show more Accountable: IT Risk Monitoring & Compliance AND People Management • Managing and reporting for all IT Governance and technology Risk initiatives both in-country and from regional office. • Fronting and managing all IT Audits end-to-end. • Ensuring closure of all audit observations within agreed timelines. • Perform and manage Risk control assessment and control testing to evidence if all the controls are audit proof and evidenced. • Drafting, enhancing and implementing policies, processes and information security framework across the enterprise. • Periodic review of all controls as per defined Technology Key Risk policy, standards and guidelines. Managing all Risk assessments and providing top management an impartial and independent view of Technology Risk. • Adhere to and understand own responsibilities in terms of all compliance requirements and call for the area's Compliance Officer to conduct briefing sessions if gaps are identified • Spot test and snap testing of control adherence and process embedding. • Work with operational risk consultants and other risk champions during the scoping of policies/initiatives/projects/plans to ensure fair coverage, protection of the bank’s reputation and income and the overall sustainability of the bank. • Identity and Access Management • Oversee the activities of the change delivery team to ensure effective delivery of related support and project services to the business • Interview and recruit new members of the team, including determining appropriate compensation levels with input from Human Resources. • Determine and analyse development needs for the team and ensure that identified training requirements are budgeted for and executed. • Resolve grievances that are raised by team members and escalate only if required.
-
-
-
Barclays
-
India
-
Outsourcing/Offshoring
-
1 - 100 Employee
-
IT RISK AND GOVERNANCE MANAGER
-
Nov 2009 - Apr 2012
Responsible for ensuring the specific IT Security controls and solutions are applied and comply with the GRB/Group Information security policies and consequently meet the business requirements and safeguard the banks reputation. IT Security Risk Assessments and Monitoring, Logical Access management, Vulnerability and Threat Management. Network Security Management, IT Security Incident Management, Data Privacy Monitoring, conducting IT Security user awareness program and IT Security snap… Show more Responsible for ensuring the specific IT Security controls and solutions are applied and comply with the GRB/Group Information security policies and consequently meet the business requirements and safeguard the banks reputation. IT Security Risk Assessments and Monitoring, Logical Access management, Vulnerability and Threat Management. Network Security Management, IT Security Incident Management, Data Privacy Monitoring, conducting IT Security user awareness program and IT Security snap checks. Fronting and Managing all internal and external IT Audits end-to-end. IT Security Incident handling. Managing and reporting for all IT Governance and technology Risk initiatives in country.
-
-
IT Risk and Governance Manager
-
Oct 2009 - Apr 2012
• Managing and reporting for all IT Governance and technology Risk initiatives both in-country and from the centre. • Fronting and managing all IT Audits end-to-end. • Ensuring closure of all audit observations within agreed timelines. • Creation of All Operating procedures, Standard Operating procedures, Creation and updating of all process and procedure documentation and aligning them to Barclays GRCB T Baseline controls. • Own and manage version control of all documentation for… Show more • Managing and reporting for all IT Governance and technology Risk initiatives both in-country and from the centre. • Fronting and managing all IT Audits end-to-end. • Ensuring closure of all audit observations within agreed timelines. • Creation of All Operating procedures, Standard Operating procedures, Creation and updating of all process and procedure documentation and aligning them to Barclays GRCB T Baseline controls. • Own and manage version control of all documentation for IT. Ensuring that all versions are current and version history maintained. • Ensuring compliance to all CIBULS/ CIGLS and CIELS standards including timelines. • Score carding and assessment of controls maturity compliance and creation of gap analysis documents for aligning the processes periodically as per Governance calendar. • Vulnerability assessment/ Pen-test management end-to-end. • Identity and Access Management • Information Security Auditing • Perform and manage Risk control assessment and control testing to evidence if all the controls are audit proof and evidenced. • Incident Handling • Drafting, enhancing and implementing policies, processes and information security framework across the enterprise. • Testing and recommending/implementing improvements in information security for various information systems. • Creation, managing and owning of Governance calendar for all periodic reviews. • Periodic review of all controls as per defined Barclays Global standards and guidelines. • Spot test and snap testing of control adherence and process embedding. • Overall responsible for managing all Risk assessments and providing top management an impartial and independent view of Technology Risk in the enterprise. • Owning and managing all third party and vendor risk management issues and ensuring compliance to Barclay’s standards. •Owning and managing relationship with all global stakeholders and attending all Risk meetings and closing actionable within timelines.
-
-
-
-
IT HELPDESK ANALYST
-
Dec 2007 - Nov 2009
Overseeing and scheduling of daily IT Administrators' duties. Act as a first contact point between the business and/ or other technological partners (local and international) and the IT department at the bank. Receive and Distribute different financial and non financial reports from the processing centre (BCP.) Microsoft Exchange Server Administration. Microsoft Windows 200/2003 Administration. Blackberry Enterprise Server Management. End user support and training. Ensuring… Show more Overseeing and scheduling of daily IT Administrators' duties. Act as a first contact point between the business and/ or other technological partners (local and international) and the IT department at the bank. Receive and Distribute different financial and non financial reports from the processing centre (BCP.) Microsoft Exchange Server Administration. Microsoft Windows 200/2003 Administration. Blackberry Enterprise Server Management. End user support and training. Ensuring all incoming IT queries are logged and updated on the ARS (Action Request System) tool to keep track of the queries and ensuring that they are met in time and with the desired results. To own and follow up resolution to all queries and ensure that they are resolved within prescribed SLA (Service Level Agreement) time. To ensure that the IT service Level Deliverance is at the highest degree as per the Banks standards Show less
-
-
-
Tanzania Global Development Learning Centre
-
Professional Training and Coaching
-
1 - 100 Employee
-
IT TECHNICAL SUPPORT ANALYST
-
Oct 2006 - Feb 2007
Database administration Video Conferencing Technical support.
-
-
Education
-
ISACA
Certified Information Systems Auditor (CISA) -
Coventry University
MBA, MBA in IT Management -
Coventry University
MBA, IT Management -
Mzumbe University
Bachelor of Science; Bsc ICTM, Information and Communication Technology -
Chuo Kikuu Mzumbe
Bsc ICTM, ICT and Management -
Lenana School