Upload
saif-siddiqui
View
17
Download
1
Embed Size (px)
Citation preview
1 | P a g e
Saif Ahmed Siddiqui Cell: +971 50 3565808B.Tech (Electronics), CISA Email: [email protected]
EXECUTIVE PROFILE
An experienced SAP professional with 11 yearsof experience in SAP Project Management, SAPQuality Assurance, Business ProcessConfiguration Reviews, Data Analytics, SAPSecurity Audit, IT General Controls andContinuous Control Monitoring.
OBJECTIVECurrently looking for professional growththrough a challenging role in Governance, Risk &Compliance, Internal Audit, and InformationSecurity.
PROFESSIONAL CERTIFICATIONS CISA CoBIT 4.01 ISO 27001:Information Security Management
Lead Auditor& Implementer SAP NetWeaver Exchange Infrastructure ISO 20000:Information Service Management
Lead Auditor BS25999:Business Continuity Management
Lead Auditor
TRAININGS ATTENDED Project Management (PMP) Audit Command Language ( ACL) Beginner &
Advanced Concepts SAP Application Security Controls SAP GRC Access Control
INDUSTRY EXPERIENCE Retail Oil & Gas Manufacturing Automobile Utilities
AWARDS
Client Appreciation Letter from NationalDrilling Company for performing SAP licenseutilization audit.
Best Performer award for year 2011 fromProtiviti Middle East Consultancy.
Best Team award for implementation of firstSAP DBM module in South East Asia.
AREAS OF EXPERTISE
Worked as SAP Techno-Functional Consultant in5 end to end Implementation projects using SAPASAP methodology and have good exposure ofSAP FICO, MM, SD, CRM, ABAP, HR modules.
Good understanding of SAP ProjectManagement principles from project planning,execution, monitoring& control and closure.
Good Knowledge of Data Migration techniquesto transfer Master Data from Legacy Systems toSAP using Batch Data Communication / LSMWmethod.
Expertise in reviewing SAP Business Processes &Master Data configurations such as GeneralLedger, Asset Management, Accounts Payableand Receivable, Payroll, Vendor & CustomerMaster Data etc.
Good knowledge of SAP GRC Access Control,Process Control ,SAP Basis Security, HR Infotypes & SAP Infrastructure.
Highly experienced in Data Analytics &Continuous Control Monitoring of variousbusiness processes using CAAT tools such asACL, Excel etc. Areas include Billing, Inventory,PR to PO Lead Time & KPI Analysis, Payroll & HRMaster Data analysis etc.
Compliance audits of ISO standards like ISO/IECISMS 27001, ISO/IEC 20000 ServiceManagement, BS 25999 Business ContinuityManagement & ISO 55001.
Reviews of IT General Controls and AutomatedApplication Controls over ERP applications.
IT Infrastructure Audits, such as DatabaseSecurity, Operating System Security,Virtualization Security.
In-depth understanding of IT Governanceprinciples, COBIT and ITIL v3 framework.
2 | P a g e
SUMMARY OF PROFESSIONAL EXPERIENCE
DUBAI ELECTRICITY & WATER AUTHORITY – Dubai April 2013 till DateWorking as “Audit Specialist for SAP, ITGC Audits and Data Analytics” and directly reporting to VicePresident Internal Audit.Responsible to plan, supervise and conduct SAP Quality Assurance, SAP Security & Authorizations reviewand business processes data analytics engagements. This includes identification of high-risk areas, follow-up audits, supervisory reviews and preparation of Executive Summary Presentations for the TopManagement. Responsibilities include:
SAP Quality Assurance & Security Review Review of project plan, Business process Blueprints, SAP system configurations & parameters
of processes such as Procure to Pay, Billing, Hire-2-Retire, Payroll, Journal Entry Testing, FixedAssets etc.
Review of Master Data migration from ORION to SAP across Finance, Supply Chain, and HumanResource module.
Review all SAP configurations based on best on standard best practices and customizationsdone to map the current business processes.
Review of Change Management policy & procedures, SAP Security, User access authorizations& Segregation of duties.
Identify control weaknesses across all business processes and develop risk mitigation planalong with stakeholders.
Participate in the Unit and System Integration testing and report feedback to concernedbusiness process owner.
Prepare Audit report along with Executive Management summary and give presentations tothe CEO during management meetings.
Data Analytics & Continuous Control Monitoring Supervise & Conduct data analysis engagements and Continuous Control Monitoring (CCM)
using Audit Command Language (ACL) Scripting, Direct Link & AuditExchange. Sound expertise in data analytics and forensic investigations. Well versed with CAATs tool i.e.
ACL, AuditExchange, ACL Direct Link tool. Critical Data Analytics engagements include Billing, Inventory Ageing, PR to PO Lead Time &
KPI Analysis, Payroll & HR Master Data analysis etc. Played a key role during SAP ERP Go-Live to give reasonable assurance about data integrity,
completeness & accuracy, such as Billing, Inventory, Open POs, COA Mapping etc. In-depth knowledge of ERP Tables & Fields information to perform data analytics.
IT / ISMS / Operational AuditsSupervise and conduct reviews on Information Security Management Systems such as ISO27001Compliance Reviews, IT General Controls, Operating System (Windows/AIX) and Database SecurityReviews (Oracle), Change Management, Backup & Restoration, Logical & Physical Access Control etc.
3 | P a g e
Protiviti Middle East FZCO - DUBAI July 2011 – March 2013Senior ConsultantReported directly to Senior Manager and mainly responsible for the following: Review of Business Blueprints, configurations & parameters of various processes such as P2P, Billing,
Hire-2-Retire, Payroll, Journal Entry Testing, Fixed Assets etc. ERP Quality Assurance which includes review of Identity & Access Management, Security
configurations, Program Change Control, Audit Trails and Business Process reviews of various ERPssuch as Oracle E-Business Suite, SAP & other in-house developed applications. Conduct IT Infrastructure Audits including Oracle Database Security, Windows/AIX/Unix Operating
System Security Reviews, Change Management, Backup & Restoration, etc. Review Business Continuity & Disaster Recovery Plan including Business Impact analysis, Threat & Risk
Assessment, & suggested cost effective & efficient Recovery Solutions. Develop IT Audit and Advisory proposals for perspective clients. Supervise and conduct SAP Access review, Security configurations, IT General Controls & Business
Process Reviews and other Advisory assignments.
CANPACK Middle East - DUBAI June 2010 – June 2011SAP SpecialistReported directly to Director Finance and mainly responsible for the following: Provide first level of support in resolving the issues faced by end users in across SAP FICO, SD, MM
modules in performing day to day operational activities. Single Point of Contact between the business users in Dubai and SAP project team in Krakow, Poland
to review the business processes implemented in SAP. Identify the challenges faced by users and work with SAP development team to perform the
customization. Provide Training to new Users in understanding the business process and use of SAP transaction codes
in performing the daily tasks.
Tata Consultancy Services - India October 2005 – May 2010Assistant Systems EngineerReported directly to SAP Program Manager and mainly responsible for the following: Direct interaction with client for requirement gathering and analysis. Understanding the complex
business requirements/ process being followed. Preparation of functional & technical specification documents. Perform complex ABAP programming, testing and debugging functions related to the implementation
of SAP modules. Perform Unit Testing and System Integration Testing before Go Live. Provide appropriate documentation and release plans to manage handover activity for smooth
transition from development into Quality and Go-Live.
4 | P a g e
PERSONAL DETAILS
Nationality Indian D.O.B 28 April 1983 Marital Status Married Languages English (Fluent), Urdu/Hindi (Native) Driving License UAE, INDIA