Samir Shah

Director


About me

  Member Since : 27 December 2011  (Mumbai)

 

Samir Shah

CA, CISSP, CISA, CIA, CFE

 

 

 

Summary

  • Senior professional with core skills in IT Audit, IT Risk Governance, Information Security & BCP domains.
  • 15+ years of experience in Information Technology Risk and Auditing.
  • Worked for a top-notch financial services company and a Big 4 consulting firm.
  • Expert knowledge of business processes and Information systems.
  • Extensive project execution for the Financial Services and IT / ITES companies.
  • Exposure to project execution in various countries like USA, UK, Canada, Singapore, Hong Kong etc.
  • Sound knowledge of various compliance requirements like SOX, GLBA, FCPA.
  • Expert knowledge on Methodologies and standards like ISO 27001, ISO 31000, COSO and COBIT.

 

 

Teaching Background

  • Coached several batches of DISA (ICAI) course
  • Conducted several workshops and served as speaker at BCAS and ISACA on topics related to IT Audit, Business Continuity, Fraud Investigation, Information Security and CAATs.
  • Significant contribution to Thought Leadership publications and research materials
  • Worked in the publications department and as a faculty member with a leading coaching class in Mumbai

 

 

Functional Skills and Technical Skills

  • Core skills in planning, execution and reporting for Risk based audits
  • In depth understanding of IT Systems and underlying business processes for Financial services and IT / ITES Companies
  • Expert knowledge of Business Continuity and Disaster Recovery domain
  • In depth understanding of Information Security concepts
  • In depth Knowledge of standards and methodologies like COSO, COBIT, ISO 27001, BS 25999
  • Knowledge of SOX, GLBA, SAS 70, PCI requirements
  • Expert knowledge of in-house tools and third-party CAATs like ACL
  • Knowledge and understanding of Windows & UNIX operating systems
  • Knowledge and understanding of operational and security aspects of MS-SQL and Oracle databases
  • Knowledge and understanding of networking and related security aspects

 

 

Education

  • Chartered Accountant (CA)
  • CISA (Certified Information Systems Auditor) from ISACA, USA
  • CISSP from ISC²
  • CIA (Certified Internal Auditor) from “The Institute of Internal Auditors, USA”
  • BS7799 Lead Auditor from British Standards Institute, UK
  • DISA (Diploma in Information Systems Audit) from The Institute of Chartered Accountants of India (ICAI)
  • CFE (Certified Fraud Examiner) from ACFE
  • Bachelor Degree in Commerce

 

 

Work Experience

Nomura

Vice President and Head of IT Governance and Control, India

www.nomura.com

Job Content:

  • Technology Risk identification, classification, measurement and remediation
  • Managing the Governance office for Operational Risk, Internal Audit, External Audit and Regulators
  • Managing the Project office for ITGC initiatives in risk management
  • Management of the Global program of Source Code Repositories access management
  • Management of the Global program of Identity and Access Control
  • Risk assessment and mitigation of the global data organization and job schedulers
  • Set up and conduct of the Technology Risk Forum and Technology Risk Information Exchange Programs

 

Morgan Stanley

 

Head of Technology Audit, India

www.morganstanley.com

Job Content:

 

 

  • IT Risk Governance involving identification of IT risk universe, risk assessment, audit planning, audit execution, audit reporting, discussions with senior management and audit committees
  • Managing local, regional and global teams
  • Executing Application and Infrastructure audits
  • Continuous interaction with the management of Institutional Securities, Wealth Management and Asset Management businesses
  • Planning and execution of audits on business processes and related IT Applications for these businesses
  • Planning and execution of infrastructure audits involving data centers, offshore development centers, market data infrastructure and support functions
  • Planning and execution of IT Audits on IT and Operations vendors
  • Development of internal standards and guidelines
  • Continuous monitoring on local and regional IT Management

 

Ernst & Young

Manager

TSRS within Risk and Business Solutions

www.ey.com

Job Content:

 

  • Design and delivery of assurance services for Financial Services and IT / ITES clients
  • Managing a team of consultants
  • Design and delivery of Assurance solutions like IT Audits, Information Security assessments, Vendor risk assessments, PCI Assessments, SAS 70
  • Design and delivery of Consultancy services in Business Continuity, IT Risk, ISO 27001 certification and Vendor Risk Management domains
  • Development of thought leadership and research publications

 


 

Global E Secure Ltd. 

Practice Manager

Professional Services Department

A company focused on Assurance solutions and Information Security services and part of GTL group.

www.gtllimited.com

Job Content:

 

  • Managing professional services department
  • Solutions design, estimation, team deployment, client interactions and relationship for various assurance and advisory solutions like IT Audits, Business Continuity assessment and development, Certification assistance for standards like ISO 27001, SOX compliance advisory and Vendor risk assessments
  • Team recruitment, training and deployment

 


Complete Business Solutions India Ltd.

External Consultant

ERP and Information Security Consulting

www.covansys.com

Job Content:

 

  • IT Audit for a very large public sector oil company for key applications and infrastructure components

Hinesh R Doshi & Co., Chartered Accountants

Partner

An Audit and Accounting Firm with multinational clients.

 

Job Content:

  • Internal Audit of multinational and Indian companies
  • Application audit of Financial accounting systems
  • Regulatory compliance and Reporting
  • Managing team of Audit Executives and Articled trainees

M. M. Nissim & Co. and Hinesh R. Doshi & Co.

Articled Clerk & Audit Executive

Chartered Accountancy Firms

 

Job Content:

  • Internal Audit of multinational and Indian companies

 

 

 

 
