IMTEYAZ AHMAD

CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE,

Plot 105, Sangam Nagar, Ring Road, Nagpur -440013

Cell: /WhatsApp+91-8600038911/7208835363
Email:imteyazahmad05@gmail.com Skype: imteyazbabu
Passport Validity: 2029
Profile Summary:
Dedicated and highly experienced IT Audits Leader with a remarkable track record in leading and supervising IT audit
teams in the dynamic and Diverse Industries. Seeking to leverage my extensive background in IT auditing, risk
assessment, and leadership to contribute to the success of Client’s Internal Audit Department, driving business
growth and operational excellence.
As a CISA, CIA Certified IT Auditor with over 23+ years of experience, I bring a wealth of expertise to organizations,
aiding them in accomplishing their objectives by implementing a systematic and disciplined approach to evaluate and
enhance the effectiveness of risk management, control, and governance processes. I specialize in proactively initiating
preventive measures alongside a detective/reactive approach to ensure effective risk management and control. I am
highly skilled in managing a diverse range of stakeholders, including business leaders, external regulators, and
auditing agencies, addressing their needs effectively in internal audit matters.
I excel in managing a diverse range of stakeholders, including business leaders, external regulators, and auditing
agencies, addressing their needs effectively in internal audit matters. My strong leadership and communication skills
enable me to articulate technical findings to non-technical stakeholders, facilitating successful results. I have a proven
ability to navigate complex IT issues and effectively oversee audit projects, budgets, and timelines, ensuring optimal
outcomes.

AREAS OF EXPERTISE
 IT audit and its Automation.  Information security  Leadership and Team
Management
 Risk assessment & management  Data privacy
 Communication and presentation
 Compliance management  Project management
skills
 IT governance  Stakeholder Engagement
 Audit management software
 ISO/GSO/NIST/ISA-IEC/OGPME
 Control Evaluation and
ictQATAR/CRA/MOTC regulations  Data analysis tools and
Improvement
and standards. techniques

ACHIEVEMENTS
Cost Reduction and Efficiency:
 Streamlined IT audit processes, reducing the annual IT audit budget by 15% while maintaining or improving the quality of
audits.
 Improved audit cycle times, resulting in a 25% reduction in operational downtime and production losses, saving the
company $1.2 million annually.
 Identified and mitigated IT security vulnerabilities, leading to a 30% decrease in security breach incidents and saving the
company $1.5 million in potential damages.

Compliance Achievements:
 Ensured 100% compliance with industry-specific regulations, such as API/GSO/ISO/OGPME standards, and international
standards like ISO 27001, preventing regulatory fines and penalties.
 Led the successful completion of a major regulatory audit with zero non-compliance findings, demonstrating the company's
commitment to industry standards.
  Successfully led the IT audit team to achieve a 100% compliance rate with international standards such as ISO 27001,
ISA/IEC 62443 and NIST, ensuring the company's adherence to industry-specific regulations.
 Developed and executed an audit plan that resulted in a 95% compliance rate with regulatory requirements, reducing non-
compliance fines by $300,000.

Risk Mitigation:

 Implemented a proactive risk assessment process that reduced high-priority IT-related risks by 25% over the course of one
year, enhancing the company's overall risk posture.
 Implemented a comprehensive risk assessment program that reduced high-priority IT-related risks by 30%, enhancing the
company's overall risk management strategy.
 Proactively identified and mitigated vulnerabilities in critical IT systems, resulting in a 40% reduction in cybersecurity
incidents and minimizing potential financial losses.
 Conducted a comprehensive audit of critical IT systems, reducing system downtime by 15% and minimizing business
interruptions, resulting in annual cost savings of $1 million.

Audit Team Performance:

 Mentored and developed a high-performing IT audit team that consistently met or exceeded audit quality benchmarks,
achieving a 98% audit completion rate and 100% report submission rate.
 Increased the number of audits conducted by 20% year-over-year by optimizing the audit team's productivity, contributing
to improved overall compliance.
 Improved team productivity by implementing advanced data analytics tools, resulting in a 30% reduction in audit man-
hours and a 15% increase in the number of audits conducted.
 Implemented a comprehensive training program for the IT audit team, resulting in a 20% increase in professional
certifications and skills development among team members.

Project Management:
 Successfully managed complex IT audit projects with budgets exceeding $2 million, consistently delivering projects on time
and within budget, meeting stakeholder expectations.
 Achieved a 95% on-time completion rate for IT audit projects, ensuring minimal disruption to critical operational activities.
 Achieved a 98% on-time completion rate for all IT audit projects, enhancing the department's reputation for reliability and
efficiency.

Crisis Response:
 Orchestrated the company's response to a major IT security incident, minimizing potential data loss and reducing downtime
to just six hours, saving an estimated $3 million in potential losses.
Technology Integration:
 Led the integration of advanced technology solutions for IT auditing, resulting in a 30% reduction in audit man-hours and a
20% improvement in audit data accuracy.
Energy Efficiency and Environmental Responsibility:
 Collaborated with cross-functional teams to identify and implement IT solutions that reduced energy consumption by 15%,
aligning with the company's sustainability goals and contributing to cost savings.

LEADERSHIP CAREER HISTORY:

 2021 TO PRESENT– HEAD/PRINCIPAL IT AUDIT CONSULTANT -TECHANVIOUS SOLUTIONS PVT LTD.
 Led and managed a team of IT auditors to plan and execute IT audits, including risk assessments, control
evaluations, and compliance reviews.
 Developed and maintained the IT audit strategy, ensuring alignment with the organization's objectives and
industry best practices.
 Conducted in-depth reviews of IT systems, applications, and infrastructure to identify vulnerabilities,
weaknesses, and areas for improvement.
 Collaborated with cross-functional teams to establish and implement risk mitigation strategies and internal
control improvements.
  Ensured compliance with relevant industry standards and regulations, such as FIFA CSF 2022, MOTC/QCERT-
NICSSS & NIA, ISO 27001, NIST, ISA-62443 and GDPR, through comprehensive audits and assessments.
 Produced detailed audit reports with findings and recommendations, and communicated results to senior
management and key stakeholders.
 Monitored and tracked the resolution of audit findings, ensuring timely corrective actions were taken.
 Managed audit project timelines and budgets effectively, optimizing resources for maximum efficiency.
 Stayed current with emerging technologies and industry trends to enhance audit methodologies and tools.
 Managed audit projects, budgets, and timelines effectively, delivering results within set deadlines.
 Utilized data analysis tools and techniques to extract insights from audit data, improving audit efficiency and
effectiveness.
 Collaborated with various departments and external partners to ensure audit findings are addressed
appropriately and provide valuable recommendations.
 Adapt to evolving IT environments, lead the audit function through technological transformations, and respond
to IT-related crises and incidents.
 Fostered innovation and excellence within the IT audit team while upholding the highest standards of
sustainability and environmental responsibility.
 Maintained a strong focus on health and safety in line with client's policies and corporate values.

 2018 TO 2020 – CONSULTANT- IT PLANNING &GOVERNANCE, QATARGAS OPERATING COMPANY LTD.ON PAYROLL
OF ABATS LLC.

 Led and supervised the planning and execution of IT audits in accordance with International Auditing Standards,
ensuring the effectiveness, integrity, and availability of the company's information technology systems and
processes.
 Collaborated with cross-functional teams to identify, assess, and prioritize IT-related risks that could impact the
company's operations and financials.
 Ensured compliance with relevant international and industry-specific regulations and standards, such as ISO
27001, ISA-IEC 62443 and NIST.
 Managed a team of auditors, set strategic directions, and consistently achieved audit objectives.
 Communicated complex technical findings and recommendations to non-technical stakeholders effectively.
 Employed analytical and critical thinking abilities to address complex IT issues and find practical solutions.
 Proficiently managed audit projects, budgets, and timelines, and used data analysis tools to extract insights from
audit data.
 Collaborated with other departments and external partners to ensure audit findings were addressed
appropriately.
 Adapted to evolving IT environments and led the audit function through technological transformations.
 Utilized audit management software and data analysis tools for efficient audit processes.
 Demonstrated preparedness to respond to and mitigate IT-related crises and incidents.

 2011 TO 2017- PRINCIPAL CONSULTANT (OT& IT SECURITY AUDIT, COMPLIANCE & GOVERNANCE), INDIAN
CONSULTANCY SERVICES. (MIDDLE EAST& AFRICA).
 Assisted in the development of an OT security governance framework, establishing clear roles, responsibilities,
and decision-making processes based on MOTC/QCERT National ICS security & ISA-62443 Standards.
 Conducted compliance assessments and gap analyses against industry standards and regulatory requirements,
ensuring alignment with ISA-IEC62443/NIST 800-XX, NIA-QCERT, NERC CIP and other applicable regulations.
 Collaborated with internal and external auditors to facilitate successful audits and address audit findings
effectively.
 Contributed to the design and implementation of incident response plans and disaster recovery strategies for
critical ICS.
 Participated in incident investigations and coordinated with incident response teams to mitigate security
breaches and minimize potential damage.
 Led and executed IT audits of a variety of IT systems, Network, Security, DC and Business Application systems
 Drafted and reviewed relative IT Principles, Policies, Standards, Procedures, Guidelines, and IT Baselines.
  Ensured the governance framework is best suited for the organizations, enhancing business agility while ensuing
the implementation of controls commensurate with risks.
 Identified and assessed IT risks, and developed and implemented effective IT controls

 2008-2010 –DGM (MANAGED SECURITY SERVICES & IDC) BHARTI AIRTEL ENTERPRISE SERVICES LTD.
 Established effective governance risk and planning within AIRTEL IT to align with AIRTEL strategic objectives,
through developing and implementing IT Risk Management Policies and Processes.
 Developed and implemented IT Incident Management policies and processes, in compliance to ISO20000 and
business requirements.
 Developed and implemented IT Policies and Processes, in compliance to ISO20000, 27001, regulations and
business requirements (change management, incident management, problem management, configuration
management, asset management, BCM, DR, support models, security models, configuration baselines,
Continuous Service Improvement).
 Led efforts on establishing IT governance on Security and Service Management based on standards and ensuring
best fit practices for the organizations.
 Drafted and reviewed relative IT Principles, Policies, Standards, Procedures, Guidelines, and IT Baselines.
 Ensured the governance framework is best suited for the organizations, enhancing business agility while ensuing
the implementation of controls commensurate with risks.
 Developed a risk management process aligned with globally accepted best practices made fit in the organization.
 Ensured separation and segregation of duties are established through all IT processes such as change and
incident management.
 Established self-assessment practices to review compliance against process and identifying gaps and
opportunities for continual service and security improvement.
 Established and managed an organizational portfolio and demand management process ensure adequate
evaluation and prioritization of projects in alignment with AIRTEL strategic direction.
 Established effective project planning, execution and reporting practices for IT and non-IT audiences.
 Established effective resource allocation practices for estimation and commitment in light of competing
demands.
 Managed the IT Portfolio by ensuring effective commissioning and decommissioning of service, service release
and transition.
 Supported service owner in developing necessary documentation such as support models, security models,
configuration baselines, and relevant processes.
 Managed the RCA development processes to ensure completeness and relevance oof the findings, and ensure
Cas and Pas are implemented on time.
 Created and managed the demand management cycles to meet emerging trends and competing business
demands.
 Planed and monitored IT budget to ensure quality budget estimation and financial management.
 Effective management and reporting of IT projects and IT Programs both to internal and external stakeholders to
ensure customer satisfaction.
 Acted as an independent body within IT for relevant tasks such as reviewing RCA to ensure segregation and
separation of duties.
 Managed and report on internal and external gap assessments and establish control calendars to ensure
corrective and preventive actions are implemented on time.
 Established efficient IT risk management processes to ensure risks are identified and responded according to risk
appetites to protect AIRTEL operation, AIRTEL reputation and ensure compliance to relevant laws such as Privacy
and Cyber Crime.
 Inspected incidents per incident handling process, performing impartial root cause analysis and building lessons
learned.
 2006 TO2008-SR. TECHNOLOGY RISK ANALYST - MOHSIN HAIDER DARWISH LLC, SULTANATE OF OMAN.
 Implemented the companywide Operational Risk framework for Technology Risk.
 Identified technology risks, ensured technology controls are working optimally and validate root cause and
corrective action plans for any lapses in IT.
 Reported on IT audit findings to management
  Developed/Formulated Companywide Technology Risk framework and methodology in line with Company’s
operational risk framework as well as recommended Companywide risk tolerance for Technology risk and
related technology risk indicators to ensure alignment with the Company’s overall strategy and objectives.
 Reviewed and monitored the design and operational effectiveness of IT controls and processes.
 Recommended robust IT Risk related controls and monitor to ensure that controls are implemented,
maintained and adhered to by all stakeholders.
 Perform technology risk assessments of existing IT systems, processes, implementation / upgrade of new
systems and technology related change management to identify and assess technology risk from a 2nd line of
defense / risk management perspective.
 Recommend appropriate risk mitigation measures to close gaps from technology risk assessments. Monitor
progress in implementation of these remediation measures.
 Supported Operational Risk team in reviewing technology related incidents and near misses by providing
specialist review of root cause and proposed action plans to prevent recurrence.
 Advised the Company s senior management and risk committees of technological trends and emerging IT risks
that can affect the business objectives.
 Reviewed adequacy of IT disaster Recovery plan and recommend enhancements to the same as required.
 Analyzed technology risk trends / risk inter-relationships from risk assessments, incidents, control testing etc.
and highlighted key learnings and results along with recommended action plans to senior management and risk
committees.
 Managed, maintained and continuously developed the Technology Risk management process including strategy,
policy, procedures and metrics.
 Recommended improvements to departmental policy and direct the implementation of procedures.
 Ensured compliance with all operational procedures, Risk and policies

 2000-2005 INTERNAL IT&QMS AUDITOR, SKJ GROUP, BRUNEI DARUSSALAM

 Directed and managed the IT audit function, overseeing a team of IT audit professionals.
 Developed and executed IT audit strategies aligned with organizational objectives and industry best practices.
 Led the planning, execution, and reporting of comprehensive IT audits, including risk assessments, control
evaluations, and compliance reviews.
 Worked closely with cross-functional teams to establish and implement risk mitigation strategies and internal
control improvements.
 Ensured compliance with relevant industry standards and regulations.
 Produced detailed audit reports with findings and recommendations, and presented results to executive
leadership and key stakeholders.
 Monitored and tracked the resolution of audit findings, ensuring timely corrective actions were taken.
 Managed IT audit projects, including resource allocation, timelines, and budgets, optimizing efficiency and
effectiveness.
 Stayed abreast of emerging technologies and industry trends to enhance audit methodologies and tools.
 Fostered a culture of excellence within the IT audit team through training, mentoring, and professional
development.
1996-1999 LECTURER/INSTRUCTOR, PATHAK INSTITUTE OF TECHNOLOGY, PATNA

 Designed and delivered lectures on computer science topics, including C, C++, Java, Data Science etc.
 Fostered an interactive and inclusive learning environment, resulted improved student engagement and exam
scores.
 Developed and updated course materials, ensuring alignment with industry standards and best practices.
 Conducted student assessments, provided constructive feedback, and contributed to student growth and
development.
 Mentored and advised students on academic and career-related matters, guiding them towards academic
success.
 Collaborated with colleagues on curriculum development and program enhancement initiatives.
  Stayed up-to-date with emerging technologies and industry trends, integrating relevant concepts into the
curriculum.
 Recognized for superb teaching skills and the ability to convey complex technologies effectively.
 Proven track record in delivering technical training to senior students and diverse audiences, resulting
in a 95%+ increase in participant satisfaction.
 Successfully led the delivery of over 150 technical training sessions, consistently exceeding
performance targets by 20%.
 Contributed to curriculum development, resulting in a 30% improvement in training materials' impact
and relevance.
 Strong commitment to providing exceptional training experiences, validating course materials, and
ensuring learner satisfaction.
 Proficient in supporting training activities at marketing events and contributing to curriculum
development.

EDUCATION &TRAINING
 MASTER OF SCIENCE - INFORMATION TECHNOLOGY.
 BACHELOR OF SCIENCE - INFORMATION TECHNOLOGY.
 HND IN DATA SCIENCE & SOFTWARE ENGINEERING
 MASTER LEVEL STUDIES ON “RISK MANAGEMENT” FROM UNIVERSITY OF OXFORD
 MASTER LEVEL STUDIES ON “STRATEGIC MANAGEMENT” FROM IIM BANAGALORE.
CERTIFICATION& TRAINING
 Certified Information System Auditor( CISA)
 ISO9000:2000 Certified Internal Quality Auditor(CIA)
 TOGAF9.2 Level2 Certified Professional
 ITILV3 Certified ITSM professional
 CCNP/MCSE/CEH/CHFI/CISM certified Professional
 Advanced Training on Strategy &Performance Management/ Balanced Scorecards Solution Deployment.
 Advanced Training in Business Continuity& High Availability Management.