Abdulaziz Ahmed Al-Duaij, Information Technology Manager, KNPC, Kuwait

Topic

Communicating IT Risk to stakeholders

Biography

Abdulaziz Ahmed Al-Duaij is the Information Technology Manager at KNPC. He has worked for KNPC since 1989. Mr. Abdulaziz received his BS in Computer Engineering from UOP California in 1988. Currently the manager of IT Department in KNPC, he is also a member of the Kuwait Engineering Society since 1988 and an active member of the Kuwait IT Society since 1989

Topic

GRC Transformation, Supporting New Age Digital Organizations

Abstract

This session focuses on the demand for a change in the way emerging technology as well as regulatory landscape is driving the business needs for a robust GRC program and systems that support it. Today’s digital business needs a GRC solutions with more intelligence than just handling the rudimentary tasks. This sessions highlights the need for transforming GRC to improve business performance and support its adoption of disruptive technologies and business models.

Biography

Ahmed is an internationally recognized cybersecurity executive, Entrepreneur & prominent speaker, working in Information / Cybersecurity industry for almost 20 years as CISO (Chief Information Security Officer), Security Advisory & Strategist. Ahmed has a Master’s in Strategic Business IT (Portsmouth, UK) and has several global certifications to his credit, some of which are CRISC, CBCP, CISM, CISA, CISSP, ITIL, ISO 27001 / 20000, ISO 22301 and others. Ahmed Baig is also a Board Member at POLCYB (The Society for the Policing of Cyberspace) has previously been in security management role heading information / cyber security at various government, Semi Government and large conglomerates.

He’s also Chief Architect for CGMS (Corporate Governance Management System) and ITGMS (IT Governance Management System) frameworks covering Risk Management, IT Governance, Information / Cyber Security, and Business Continuity that has been successfully implemented in service providers and government entities in GCC also leading third party certification of international standards. He has been a key member of eSecurity domain within Interstandards (Web Security Standard) developed middle east region and also a working committee member at Online Trust Alliance (OTA).

Ahmed’s key assignments also include implementation of various cybersecurity programs, standards to help organizations comply with industry regulations and government mandates.

Topic

GRC, A holistic Road Map for Digital transformation

Abstract

GRC is an evolving set of business management processes that companies use to establish unified business management techniques. GRC technologies introduce a holistic platform for ERM, automated techniques for processes governance and enhanced standards and regulatory compliance processes. Many organisations utilise the GRC platform in the implementation of ISO 27001 in order to obtain more visibility, enable proactive decision-making and of course to increase return on investment (ROI) from compliance. The basics of GRC processes and its features, however, are still unclear for many GRC users. In addition, the integration approach of GRC with other frameworks or standards is currently immature and ineffective; top management’s needs for integration between GRC and ISO 27001 are not a high priority. Compliance with ISO 27001:2013 and its controls is complicated and is both money- and time-consuming. For this reason, the automation of ISO 27001:2013 processes through integration with GRC technology has become a new trend in the information security arena.

Biography

Mohamed Mousa is Chief Information Security Officer (CISO) with MSc. In Information security from Royal Holloway University, University of London alongside numerous technical and management professional certificates. For more than 15 years, Mr. Mousa has a wide experience in working with government and private sector, implementing and auditing different Governance, Risk and Compliance (GRC) cyber security frameworks. As CISO, Mr. Mousa has extensive exposure to different Digital Transformation programs, Governance frameworks and international standards in dealing with securing e-commerce channels. Mr. Mousa’ core competencies include Information security management, strategic business orientation, risk management, penetration tests, network security, and business continuity planning and incidents/threats management. Mr. Mousa design and conduct several information security awareness programs in different business models. The last but not least Mr. Mousa was key speaker in different information security conferences around EMEA region and is continually invited to give lectures in different academic forums.

Topic

Highly Effective Risk Management in Decision-Making Process
Abstract: Risk Management is a tool that facilitates the accomplishments the goals and objectives of organizations. Risk Management is not an Objective by itself. This fact should be highly considered while taking strategic or day-to day Business Decisions. In short, Risk Management is the process that support taking the right decisions with Risks-in-Minds

Biography

Hassan Al Bakri is highly experienced in the field of Risk Management, Compliance and Corporate Governance. He derives his knowledge from practical experience in Financial Investment Companies and Banks in addition to advisory-based companies.
Beside his Bachelor Degree in Business Administration from Damascus University, Hassan has Completed Post-graduate Diploma in Islamic Finance from Kuwait University. He obtained International Advance Certificate in Compliance form International Compliance Association in England as well as Certified Management Accountant (CMA) and Project Management Professional (PMP).