Omer Shafiq

Experience

• 

  Centritek Intl (Pvt) Ltd

  Nov 2005 - Oct 2007

  Assistant Manager Accounts

  Major Roles & Responsibilities Included:- Budgeting and Planning- Managing Cash flows and Financing- Approving Bank Payments- Financial Reporting

• 

  PwC

  Jun 2008 - Jun 2012

  Consultant

  -Business Process Re-engineering (BPR): @ [WorldCall Telecom Ltd (An Omantel Company)] -Procurement Manual and SOPs in compliance with US-AID and PPRA Regulations: @ [Lahore University of Management Sciences (LUMS)]-Sarbanes Oxley (SOX) / COSO Framework Compliance: @ [Pepsi-Cola International (Pvt) Ltd]-Oracle E-Business Suite (R.12.1.3) Implementation: @ [Master Textiles (Pvt) Ltd] -Systems and Process Assurance (SPA): @ [MCB Bank Ltd] -Formulation of Strategic Business Plan:@ [Wasil Foundation formerly CWCD] Show less

• 

  TANVEER Group of Companies

  Jun 2012 - May 2016

  Manager BPR & ERP

  Major Roles & Responsibilities Included:-Development and enhancement of Internal Controls by developing In house ERP system for Tanveergroup-Setting up Internal Audit Department, Resource Planning, Developing Internal Audit Charter, Policies& Procedures and Reporting frequency.-Developing Internal Audit Committee, Risk Assessment, Planning, Evaluation, Reporting, follow upand feedback-Risk Assessment Procedures involving Inquiries from management, Analytical procedures,Inspection and observation, preparation of risk assessment document and audit committee approval.-Planning Internal audit involving establishment of audit objectives, obtaining background information,Audit Scheduling, Resource Planning and developing audit work programs.-Conducting Internal Audit Involving collection of audit information and evidence, evaluatinginformation and audit evidence, evaluating internal controls, testing of information and discussionwith management.-Interim / Periodic / Final Reporting-Feedback and follow ups involving communication of results to the executive committee.-Developing Internal Audit Manual including Standard Operating Procedures (SOPs) and Code ofEthics-Compliance of Standards for the Professional Practice of Internal Auditing (Institute of InternalAuditors).-Compliance of Standards for Information Systems Auditing (Information Systems Audit and ControlAssociation).-Performing financial audits of Payroll, Assets management, incomes and expenditures,-Performing operational as well as procedural audits of following:-Production-Logistics-Purchasing, Receiving, Inventory Show less

• 

  Allied Bank Limited

  Jun 2016 - May 2019

  Information System / Technology Auditor

  Major Roles & Responsibilities Included: -Review of IT Control Environment including IT Governance structure and Roles & Responsibilities -Risk Assessment and Annual audit planning.-Engagement Planning, execution and report writing.-IT Strategy & IT Related Policies and relevant Service Level Agreements (SLAs) -Review of Business Continuity Plan / Disaster Recovery Planning -Review of IT Security Policies & Procedures Access Management Controls at Network, User and Database Level -Review of Access Management Controls at User and Database Level in accordance with Authorization Matrix -Review of Change Management Controls -Review of System / Program Development Controls -Review of Backup and recovery Controls -Review of Program Logging and Issue Resolution KPIs -Review of Application Controls (Input, Processing, Output Controls) -Documenting or testing internal controls over financial reporting.-Verification of Penetration Testing by Third Party-Verification of System Integration Testing and Vulnerability testing by IT and InfoSec Department. Show less

• 

  Expertise Contracting Co. Ltd.

  May 2019 - Mar 2020

  Section Head - Internal Audit

  Major Roles & Responsibilities Included: -Requirement Definition and Analysis for ERP System evaluation for Construction / Contracting Sector.-Business Process Re-engineering, Gap Analysis, Remediation planning and Control testing-Development and enhancement of Business Processes Internal Controls -Setting up Internal Audit Department, Resource Planning, Developing Internal Audit Charter, Policies& Procedures and Reporting frequency.-Developing Internal Audit Committee, Risk Assessment, Planning, Evaluation, Reporting, follow upand feedback-Risk Assessment Procedures involving Inquiries from management, Analytical procedures,Inspection and observation, preparation of risk assessment document and audit committee approval.-Planning Internal audit involving establishment of audit objectives, obtaining background information,Audit Scheduling, Resource Planning and developing audit work programs.-Conducting Internal Audit Involving collection of audit information and evidence, evaluatinginformation and audit evidence, evaluating internal controls, testing of information and discussionwith management.-Interim / Periodic / Final Reporting-Feedback and follow ups involving communication of results to the executive committee.-Developing Internal Audit Manual including Standard Operating Procedures (SOPs) and Code ofEthics-Compliance of Standards for the Professional Practice of Internal Auditing (Institute of InternalAuditors).-Compliance of Standards for Information Systems Auditing (Information Systems Audit and ControlAssociation).-Performing financial audits of Payroll, Assets management, incomes and expenditures,-Performing operational as well as procedural audits of following:-Production-Logistics-Purchasing, Receiving, Inventory-Performing the Forensic Audit of any fraudulent activities, investigating the activities, identification ofinvolved ones and suggesting controls after finalization Show less

• 

  Protiviti Middle East Member Firm

  Jul 2020 - Sept 2021

  Technology Consultant - Audit & Risk Management

  Major Roles and responsibilities include: - Fintech and large-scale payment solutions audit- SAP and Oracle ERP Audits - Risk Management, Internal audit & Controls over IT and Finance business processes- Governance Risk and Compliance audit- SAMA CSF framework compliance

• 

  KPMG Saudi Arabia

  Sept 2021 - now

  • Associate Director - Tech Assurance

    May 2024 - now

  • Manager IT Audit

    Sept 2021 - May 2024