Professional Documents
Culture Documents
CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE,
Profile Summary:
Highly motivated and results-oriented BWise (SAI360) Consultant with 23+ years of experience in Governance, Risk, and
Compliance (GRC) implementations. Proven ability to support enterprise applications, including BWise (SAI360), Archer,
and ServiceNow, for seamless upgrades, efficient incident resolution, and robust eGRC systems. Master Level Studies in
Risk Management from University of Oxford and Certified professional with CISA, CIA, and ISO 9000:2000 qualifications,
demonstrating a strong commitment to business & technology Governance, Risk Assessment and Management,
Regulatory Compliance and Quality management. Proven ability to design and implement solutions for GRC platforms,
ensuring alignment with business needs and regulatory requirements. Strong track record of developing user stories and
conducting user testing for GRC platforms, fostering user adoption and satisfaction. Adept at knowledge transfer, with
experience in training and supporting teams on new technologies like BWise(SAI360) eGRC
ACHIEVEMENTS
Reduced Downtime: Successfully implemented BWise (SAI360) upgrades with thorough regression testing,
resulting in a 20% reduction in post-upgrade downtime for enterprise applications.
Improved Incident Resolution: Leveraged expertise in Archer, BWise (SAI360), and ServiceNow to troubleshoot
and resolve incidents within enterprise applications, achieving an average 30% decrease in incident resolution
time.
Enhanced Collaboration: Designed and implemented efficient SharePoint sites for eGRC purposes, leading to
a 15% increase in team collaboration measured by document sharing and communication metrics.
Maintained System Uptime: Proactive maintenance and swift incident resolution efforts maintained a 99.5%
uptime for critical GRC applications
PROFESSIONAL SKILLS:
GRC Tools Exposure: BWISE(SAI360), Archer GRC, Lockheed Martin Agility GRC, MetricStream, IBM Security
Guardium, Onspring, ProcessUnity GRC, VirtusaPolaris GRC, Auditor, OneTrust GRC
BWise GRC Experience (15+ years):
Led the implementation of BWise GRC's RCSA program for a multinational corporation, resulting in
a 25% reduction in identified high-risk areas within the first year.
Utilized BWise GRC to streamline risk assessments for a large organization, achieving a 30%
improvement in assessment completion time.
Strong SQL Experience:
Developed and implemented complex SQL queries to extract and analyze risk data from BWise GRC,
enabling data-driven risk management decisions.
BWise One UI Expertise:
Designed and conducted 100+ One Assessments within BWise One UI, effectively identifying and
mitigating operational risks for a leading manufacturer.
Created and implemented standardized Function Libraries in BWise One UI, leading to a 20% increase
in efficiency for risk control assignment across the organization. (
Strong Communication:
Successfully facilitated cross-functional workshops on BWise GRC for business and IT teams, resulting in
a 90% user satisfaction rate with the platform rollout.
Developed clear and concise user guides for BWise One UI, contributing to a 15% decrease in support
tickets related to platform usage.
ETL Experience (Pentaho):
Leveraged Pentaho to build efficient data pipelines for migrating risk data to BWise GRC, ensuring a
smooth and accurate data transition.
Led BWise (SAI360) implementation projects, customizing the platform for specific risk management and
compliance needs within the power and utility sector.
Partnered with IT and business teams to ensure successful integration of BWise (SAI360) with existing enterprise
systems.
Played a key role in the successful implementation of BWise (SAI360) for managing compliance obligations
across the LNG facility.
Provided ongoing support for BWise (SAI360) users, resolving technical issues and ensuring efficient platform
utilization.
Collaborated with cross-functional teams (engineering, operations) to ensure adherence to safety regulations
and environmental permits.
Deepened expertise in GRC specifically for the LNG industry.
Led the implementation and ongoing management of BWise (SAI360) for the LNG facility, ensuring compliance
with safety regulations and environmental permits.
Conducted regular risk assessments and audits to identify and address potential hazards within the LNG
processing operations.
Improved incident reporting efficiency by 50% through BWise (SAI360) implementation.
Supported the implementation and maintenance of a GRC platform for managing environmental
regulations and safety protocols.
Conducted risk assessments and developed mitigation plans to minimize operational risks.
Utilized data analysis tools to identify trends and patterns in incident reports, leading to a 20%
reduction in recurring safety incidents.
Led and managed complex GRC initiatives for clients, providing strategic guidance and expertise in
governance, risk, and compliance.
Conducted comprehensive assessments of clients' existing GRC frameworks, identifying areas for
improvement and recommending tailored solutions.
Developed and implemented robust risk management strategies, frameworks, and processes to
mitigate risks and ensure regulatory compliance.
Advised clients on establishing effective governance structures, policies, and procedures aligned with
industry best practices.
Conducted compliance audits and reviews, assessing adherence to relevant regulations, standards, and
internal policies.
Collaborated with cross-functional teams to design and deliver customized GRC solutions, meeting
clients' specific requirements.
Created high-quality deliverables, including reports, presentations, policies, and procedures, ensuring
excellence in content and design.
Maintained strong client relationships, providing ongoing support and guidance to drive long-term GRC
success.
2006 TO2008-SR. IT CONSULTANT (NETWORK/SECURITY/BCP) MOHSIN HAIDER DARWISH LLC, SULTANATE
OF OMAN.
Led and successfully delivered diverse projects, ensuring adherence to timelines, budgets, and quality standards.
Developed project plans, defined deliverables, and established milestones to guide project execution.
Led cross-functional project teams, fostering collaboration and effective communication.
Conducted comprehensive risk assessments, implementing strategies to mitigate project risks and ensure
successful outcomes.
Monitored project progress, identified deviations, and implemented corrective actions to maintain project
trajectory.
Prepared and presented project updates to stakeholders, ensuring transparency and alignment.
Managed project budgets, tracked expenses, and optimized resource allocation for maximum efficiency.
Implemented project management best practices and methodologies to drive consistent project success.
EDUCATION &TRAINING
MASTER OF SCIENCE - INFORMATION TECHNOLOGY.
BACHELOR OF SCIENCE -INFORMATION TECHNOLOGY.
HIGHER NATIONAL DIPLOMA IN SOFTWARE ENGINEERING.
MASTER LEVEL STUDIES ON “RISK MANAGEMENT” FROM OXFORD UNIVERSITY
MASTER LEVEL STUDIES ON “STRATEGIC MANAGEMENT” FROM IIM BANAGALORE.
CERTIFICATION& TRAINING
Certified Information System Auditor( CISA)
ISO9000:2000 Certified Internal Quality Auditor(CIA)
Certified Computer Hacking Forensic Investigator (CHFI)v8
Certified Information System Security Manager(CISM)
Information Technology Infrastructure Library (ITIL) v3.
TOGAF 9.2 Certified Enterprise Architecture Governance Expert
Advanced Training on Strategy &Performance Management/ Balanced Scorecards Solution
Deployment.