Taimur Ansar Sheikh is an Information Systems Auditor and Data Analytics professional currently working as an Assistant Vice President at the National Bank of Pakistan. He has over 15 years of experience in conducting IT audits, risk assessments, and developing audit reporting and analytics tools. Some of his responsibilities include performing risk ratings of branches and applications, evaluating internal controls, and conducting off-site reviews of branches through data analysis. He is certified in various information security and audit standards and has expertise in databases, data analytics, and developing customized audit and reporting systems using business intelligence techniques.
Hospitals currently use a manual system for visiting Doctor Slip as a token. The current system
requires numerous paper forms, with data stores spread throughout the hospital management infrastructure.
Often information (on forms) is incomplete, or does not follow management standards. Forms are often lost
in transit between departments requiring a comprehensive auditing process to ensure that no vital
information is lost. Multiple copies of the same information exist in the hospital and may lead to
inconsistencies in data in various data stores.
A significant part of the operation of any hospital involves the acquisition, management and timely
retrieval of great volumes of information. This information typically involves; Doctor, Room, Department
and Patient personal Information. All of this information must be managed in an efficient and cost wise
fashion so that an institution's resources may be effectively utilized Hospital E-Token management will
automate the management of the hospital making it more efficient and error free for outdoor patient. It aims
at standardizing data, consolidating data ensuring data integrity and reducing inconsistencies.
Hospitals currently use a manual system for visiting Doctor Slip as a token. The current system
requires numerous paper forms, with data stores spread throughout the hospital management infrastructure.
Often information (on forms) is incomplete, or does not follow management standards. Forms are often lost
in transit between departments requiring a comprehensive auditing process to ensure that no vital
information is lost. Multiple copies of the same information exist in the hospital and may lead to
inconsistencies in data in various data stores.
A significant part of the operation of any hospital involves the acquisition, management and timely
retrieval of great volumes of information. This information typically involves; Doctor, Room, Department
and Patient personal Information. All of this information must be managed in an efficient and cost wise
fashion so that an institution's resources may be effectively utilized Hospital E-Token management will
automate the management of the hospital making it more efficient and error free for outdoor patient. It aims
at standardizing data, consolidating data ensuring data integrity and reducing inconsistencies.
Actor-Dependency technique, change management, risk management in organizatio...VIKAS KUMAR SINHA
An Actor-dependency technique for modeling strategic actor relationships, change management and risk management in organizations undergoing Business Processes Re-engineering due to Information System adoption.
Actor-Dependency technique, change management, risk management in organizatio...VIKAS KUMAR SINHA
An Actor-dependency technique for modeling strategic actor relationships, change management and risk management in organizations undergoing Business Processes Re-engineering due to Information System adoption.
Development and implementation of MBO and KPI systems in a bankВиктор Степанов
This presentation represents a variant of system approach to the implementation of management by objectives and KPI in the bank. Offer for your bank must be based on your business need, the features of the corporate culture and IT infrastructure. Looking forward to meet you for presentation of our comprehensive services, to know out about your needs and then to prepare a proposal.
1. Taimur Ansar Sheikh
Address : 259-C, UET Society near NFC Society & Wapda Town, Lahore, Pakistan
Email: taimuransar@hotmail.com
Website: https://www.youracclaim.com/users/taimur-ansar
Phone: +(92) (42) - 359468468 Mobile: +(92) (42) - 3004498332
Personal Information
╣ Birth Date : 02 November, 1976
╣ Nationality : Pakistan
╣ Gender : Male
╣ Marital Status : Married
Career Goals, Objective & Purpose
╣ Help organization to build complete Offsite Review/ Branchless Auditing framework to reduce overhead.
╣ Support Top management by assisting and developing Analytical Reporting Tools based on BI.
╣ Help organization in developing future strategy by vision to move ahead.
╣ Guide organization to find new ways and opportunities by creative and innovative thinking.
Education & Professional Qualification
Professional Degrees:
╣ MCS - Master in Computer Sciences,
Hamdard University, Pakistan.
╣ BCOM – Bachelors in Commerce,
Punjab University, Pakistan.
2000
1997
Achievements
Information System (IS) Auditor MIS / BI Analyst & Database Analytics Professional Certifications:
Performed and conducted various independent, analytical
reviews and audits in key risk areas of Groups/Regional
Offices/Branches and IT Applications with the objective to
provide assistance to management:-
Developed eAudit Warehouse & Reporting System
based on business intelligence (BI). By using
business intelligence techniques i.e. ETL (Extract,
Transform & Load) for extraction of data from any
operational database platform and load to eAudit
Warehouse for auditing, analytical and reporting
purpose.
╣ System performs critical and analytical audit
reporting as per audit frame guidelines.
╣ System review, analyze and drill audit data in
multiple dimensions to make smart decisions
for higher management.
╣ System performs Risk Rating calculation
Report for annual audit plan
╣ System performs planning and scheduling of
audit engagements for timely preparation and
delivering of engagement plans to the field
auditors.
╣ System generates standardized Annual Audit
Reports for processing and marking of
significant audit findings.
╣ System performs post-Audit Rating Model
review for finalization of audit rating of
branches.
╣ System analyzes and reviews Leakage of
Income (LOI) head-wise Position of Deposits,
Advances, Trade, Remittance and Others.
╣ System generates presentation slides for Tri-
Annual Meeting with Regional offices.
╣ CIA (In-Progress)
╣ CRISC - Certified in Risk and Information
Systems Control, ISACA, USA.
╣ CISA – Certified Information Systems
Auditor, ISACA, USA.
╣ CIISA – Certified International
Information System Auditing, ICM, UK.
2011
2009
2008
Off-Site Review of Branches & Branchless Auditing:
╣ Offsite/branchless auditing review and analyze financial
and non-financial data of branches through CAAT tool &
technique.
╣ Approximately 3.000(M) savings to the Bank.
Professional Skills & Achievements
IS Audit of Govt. Pension System (GPS) & EOBI System: Audit Skills:
╣ Invalid processes and validation procedures implemented
in GPS due to non-updation of SOPs.
╣ Any user can log into System without User ID/password
authentication due to multisession problem.
╣ GPS has no provision to block the pension payments in GPS
whose life and non-marriage certificates not submitted
after defined time period.
╣ Single operator responsible for marking of ‘stop pension
payment’ and ‘remove pension payment’ in GPS which is
violation of segregation of duties (SoDs).
╣ Supervisor operator can reverse the End of Day to any
previous working day and perform transaction in the
previous working date in GPS.
╣ No audit trail maintained and generated from GPS.
╣ Knowledge of ISACA auditing standards.
╣ Knowledge of contemporary internal control
frameworks i.e. COSO and COBIT.
╣ Knowledge of IT Auditing Information Security
Management framework.
╣ Knowledge of IT Risk Management.
╣ Expert knowledge of audit analysis tools like ACL &
HAT (In-house developed tool) for analysis, scanning,
testing and mapping of financial data.
╣ Technical Skills:
╣ Knowledge of IT Governance.
╣ Expert knowledge of data analytics to identify
reasons for major deviations in bank financial data.
╣ Expert knowledge of databases like SQL Server
engine, SQL Server (BI) Integration & Reporting
Services.
╣ Expert Knowledge of banking and audit processes
and translates into ERP applications development
through SDLC approach and CMM model.
╣ Knowledge of MS Active Directory.
╣ Knowledge of ISO 27001 & BS 25999.
╣ Network Security i.e. Routers, Switches, Firewalls,
VPN and IDS/IPS.
IS Audit of Electronic Banking System (EBS) Application:
╣ EBS not restricted the user for sanctioning the NBP
Advance Salary Account; if date of retirement age of
applicant is less than six (06) months with the maturity
date of loan of the borrower.
╣ EBS not restricted the user for activation of Dormant/Inoperative Account to Operative.
╣ Mis-Utliization Of transaction code In EBS.
╣ Same CNIC number entered in EBS against different account holders.
╣ Non-Balancing of remittance in CAOP and EBS due to improper implementation and integration of systems
╣ Users rights are not properly segregated between cash/transfer users and super users; which is violation of SoDs.
Other Skills:
╣ High aptitude for continuous leaning & vision to
move ahead.
╣ Conducted IT & IS Audit related in-house trainings.
╣ Strong analytical thinker and find new ways by
creative & innovative thinking to solve problems.
╣ Effective communications and presentation skills.
IS Audit Of Human Resource Migration System (HRMS):
╣ User ID ‘Admin’ has been issued to user; who creates User IDs for Regional Offices and sets passwords. User can
view/ change the Appraisal related data of any employee of the Region/ Group through the User ID created by
him. On the other hand, same official is also involved in checking/ verification of Appraisal data/ forms submitted
by Regional Offices, which is against the best practices and indicates non-segregation of duties with respect to
Application User Administration and functional tasks i.e. checking/ verification of data entered in system. Professional Courses
IS Audit Of Call Centre CRM Application: Courses:
╣ Non-implementation of ‘Customer Complaints Escalation Matrix’ in the CRM Application
╣ Non-implementation of ‘User Session’ by the development team in the Application.
╣ Call Centre Application database is not periodically updates /synchronizes with the NBP back-end banking Systems.
╣ Non-existence of ‘Capacity Planning’ (Usage of CRM Application and Utilization of number of terminals for CRM
Application are adequate for CSRs) of Call Centre.
╣ Microsoft SQL Server 2008
╣ Certified Inf. Systems Auditor (CISA)
╣ Interpersonal Business Communication
╣ Cisco Certified Network Ass. (CCNA)
╣ IS Audit / IT Securities
╣ Ethical Hacking & Penetration Testing
4-Months
4-Months
4-Months
3-Months
1-Week
2-Days
Work Experience:
Assistant Vice President
(IS Auditor & Data Analytics)
National Bank of Pakistan
Jan 2005 - till Date
IT/ERP Business Development
Analyst
Nexgen Technologies Inc.
2003 - 2004
IT Business Development &
Database Analyst,
Future Souls (Pvt.) Ltd
2002 – 2003
IT & Database Coordinator,
Ashcraft Insur. Company Inc. USA
2001 - 2002
╣ Performs risk rating of branches and major IT
applications.
╣ Performs risk assessments for the
development of the annual audit plan
focusing on IT applications, information,
processes, and governance.
╣ Evaluating the adequacy and effectiveness of
internal IT controls and related processes by
evaluating their effectiveness and efficiency
and by promoting continuous improvement.
╣ Performs applications controls reviews.
╣ Review IT Security Systems based on
approved information security framework and
NBP IT Security Policy.
╣ Coordinate and provide an adequate support
to Financial and Operational Audit Teams by
carrying-out of IT audit of business groups.
╣ Conduct offsite and branchless audit reviews
of branches through CAAT tool & technique.
╣ Prepare Tri-Annual presentations.
╣ Coordinated meetings with the IT wing, regional data
centers, branch management to bring together IT
operations support.
╣ Analyze, designed and developed ERP
solution for rice industries including
sample evaluation module, purchase
module, accounts payable module,
material warehouse module, processing
module, sale & receivables module,
general ledger module and
administration and security module.
╣ Improved efficiency and track able ROI
on business processes of rice industries
through deployment of ERP solution.
╣ Identifying options for potential
solutions and assessing them for both
technical and business suitability.
╣ Working closely with developers and a
variety of end users to ensure technical
compatibility and user satisfaction
╣ Drawing up a testing schedule for the
complete system
╣ Examined and analyzed the business
processes of the textile industry.
╣ Designed, developed and
implemented domain registration,
web hosting, and web & software
development strategies.
╣ Design and developed remote IT
support agreements.
╣ Designed, developed business
continuity planning by replicated
of hosting sites at an alternate site
after a disaster.
╣ Evaluated and designed web
hosting packages to meet business
requirements.
╣ Regularly monitor and perform
web hosting business impact
analysis through KPIs.
╣ Analyzed, designed and developed
customer relationship
management (CRM) system.
╣ Delivered Company Presentations
regarding web hosting and training
programs for client.
╣ Designed and implemented IT
strategy for business expansion
through web.
╣ To gain control and
improvement business
processes of software & web
applications by capability
maturity model (CMM).
╣ Conduct software quality
control tests (i.e. white box &
black box).
╣ Provide interactive web based
fully compatible network
services to the clients.
╣ Monitoring and updating of
web site and its services.