ASHRAF AL KHAIAT, MBA, CGEIT, CISA
Dubai, United Arab Emirates ½ +971 (55) 966 5446½ [email protected]
IT Audit Manager – IT Governance professional
Highly motivated and result oriented Business and Technology Professional with 10+ years of experience in IT audit, risk, assurance, governance, information security and banking operations. IT Audit Manager with diversified technical skills in IT, operational, compliance, due-diligence, and process improvements within top performing organisations. Specific expertise in audit team management, audit risk and strategy, audit budgeting, special projects, writing audit programs and reports, as well as developing findings and communicating with clients to develop action plans. Proven track record mentoring and training audit staff, identifying controls and risk, and reviewing complex business processes. Demonstrate ability to succeed in positions of increasing responsibility; exceptional project management abilities with excellent organisational and writing skills.
Areas of Expertise
DUBAI AIRPORTS 03/2016 – Present
Head of Systems Assurance
Effectively manage internal technology, systems assurance and audit in Dubai Airports. Deliver expertise and guidance on regulatory requirements related to IT, Cyber Security and engineering services.
Analyse and implement strategies to minimise IT risk and combine with corporate risk management and business continuity function to deliver a comprehensive corporate resilience services.
Interconnect with government and external audit to achieve value added assurance services; approve world-wide assurance & risk management standards and lead practices for ISO 27001 information security, ISO 31000 risk management, ISO 22301 business continuity and Dubai government information security regulations.
DUBAI AVIATION CITY CORPORATION 08/2012 – 01/2016
IT Audit Manager
Spearheaded IT audit function, formulated the IT audit function’s strategy and road map and expertly delivered IT audit & assurance services for multiple major government entities.
Instigated IT audit methodology, efficiently developed IT audit plans and delivered IT audits, risk assessments, as well as advisory services for all entities in scope. Headed IT Audit team of UAE nationals and presented continuous advisory to group management, about the technology and risk.
Expertly implemented 2 major systems (TeamMate & ACL).
ARAB BANK GROUP 10/2010 – 07/2012
Senior IT Auditor
Led IT internal audit and assessed compliance with industry requirements; implemented world-wide auditing standards and leading practices such as COBIT, ITIL, ISO2700K, ISO31000, BCI/DRII, ISO22301, PCI DSS
HSBC BANK MIDDLE EAST JORDAN 08/2005 – 10/2010
IT Security & Infrastructure Officer (08/2007 – 10/2010)
Effectively supervised all facets of business continuity, as well as information security & risk management and organised business impact analysis, disaster recovery, and business continuity plans, programs, and testing.
Skilfully provided daily operations of enterprise security consulting, in the area of information asset management, risk and vulnerability management, audit and compliance, security awareness and training.
Senior IT Support/System Administration Associate (06/2006 – 07/2007)
Successfully controlled all facets of IT operations, disaster recovery, and information security, core banking systems and data centre operations and facilitated in analysing software updates as well as management directives.
Banking Operations Clerk (08/2005 – 05/2006)
Proficiently directed outward remittance transfers processing and analysed credit or loans in an efficient manner.
Education & Certifications
Master in Business Administration, University of Wollongong, Dubai, 2016
Bachelor in Computer Science, Al – Zaytoonah University of Jordan, 2005
CISA, Certified Information Systems Auditor
CGEIT, Certified in the Governance of Enterprise IT
CCNA, Cisco Certified Network Associate | CompTIA Security+
The Information Systems Audit and Control Association (ISACA)
The Institute of Internal Auditors (IIA)
Jordan Computer Society
Arabic & English
Governance of enterprise IT
Disaster Recovery Planning
Security Audits/ Awareness
IT Project Management
IT Audit Management
IT Risk Assessment
Information Security Management
System & Application Management
Training & Development