Khalid Waheed

Head of IT Audit at Alawwal Bank
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Location
SA
Languages
  • Urdu -
  • English Full professional proficiency

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • CISA
    ISACA

Experience

  • Alawwal Bank
    • Saudi Arabia
    • Banking
    • 1 - 100 Employee
    • Head of IT Audit
      • Mar 2012 - Present

      Main responsibilities are: - Performing IT risk assessment across the Bank processes, systems and applications - Preparing annual IT audit plan - Audit scope and objectives are risk-focused; - Observations and work done are well-traceable to documents, facts and analysis, - Risk statements are measurable as much as possible; - Recommendations are actionable; - Execute allocated audits in line with the schedule, agreed at the time of announcement - Audit files and work-papers are organized - Work program addresses key risks and controls and its corresponding test procedures. - Preparing quarterly reports for Audit Committee - Providing input for Operation Risk Assessment before launching any new product Further, some of below audits were performed: - Gap report based on Cobit Maturity Assessment Model - Data center - IT Infrastructure - ATM switch - Net banking - Information security monitoring and vulnerability assessment - IT Disaster Recovery Planning - System Development Life Cycle

  • Petro Rabigh
    • Saudi Arabia
    • Oil and Gas
    • 700 & Above Employee
    • Internal Auditor
      • Jan 2011 - Feb 2012

      The present employer, Petro Rabigh is one of the world’s largest integrated refining and petrochemical complex and owned jointly by Saudi Aramco and Japan’s Sumitomo Chemical. The company is an extension of Saudi Aramco’s oil refining operations in Rabigh and represents the single largest investment by the company in the Kingdom of Saudi Arabia. Some of the following audits were performed during my stay in this organization: • SAP Purchase to Pay Process • SAP Basis • SAP Human Resources

  • Bank AL Habib Limited
    • Pakistan
    • Banking
    • 700 & Above Employee
    • Head of Information Security Department
      • Jul 2005 - Dec 2010

      I worked as Head of Information Security Department and performed the duty as Chief Information Security Officer (CISO) for the Bank and a member of Bank’s IT Steering Committee. I was responsible for the following tasks; - Overall planning & implementation of Information System Security and supervising user management security in all applications running bank wide, - Supervising Risk Based Business Process Security Reviews (prepared in the light of international standards and best practices) for the Bank, and presenting the report to Executive Management. I have been involved in performing reviews and assignments for the Bank on the following areas, • Centralized User Access management • IT General Controls over IT Department • Credit Card (MasterCard) – AFS Bahrain • Internet Banking and Fund Transfer over ATM / Net Banking • ATM Card Production • Networks • Re-engineering Procedure for Securing Backup Data • Oracle Financial (Procurement, Inventory, Payable, GL) • Review and Re-Engineering of Human, Resource and Payroll for the entire Bank. • AL Habib Capital Market Ltd. (Subsidiary company of Bank Al Habib Limited) • Centralized time and calendar basis biometric entrance system

  • EY
    • United Kingdom
    • IT Services and IT Consulting
    • 700 & Above Employee
    • Manager - Technology & Security Risk Services
      • 2000 - 2007

      performed IT risk assessment and IT audits on various clients wihtin Pakistan and in Saudi Arabia which includes Banks and other financial institution. performed IT risk assessment and IT audits on various clients wihtin Pakistan and in Saudi Arabia which includes Banks and other financial institution.

Education

  • CISA - Information Systems Audit and Control Association, USA
    Certified Information Systems Auditor, Systems Audit
    2010 - 2010
  • I-Total Security Consulting
    Certified ISO 27001 Information Security Management System, Information Security Management
    2006 - 2006
  • The Business Continuity Institute
    Business Continuity Course, BCP and DRP
    2006 - 2006
  • Karachi University
    Master of Arts (Economics), Economics
    1996 - 1998
  • Karachi University
    Bachelor of Commerce (B.Com.), Accounting and Finance
    1994 - 1996
  • New Institute of Data Processing
    Two Years Diploma in Computer Science, Computer Science
    1994 - 1996

Community

You need to have a working account to view this content. Click here to join now