PITCHBOOK
Nasser Khan, MBA, CISA
NASSER’S BRAND AND PROFILE
Brand
Nasser is a seasoned leader and growth visionary who supports senior executive leadership in taking companies to the next level of profitability by managing enterprise risk.
Nasser Khan’s experience, skills, training and background bring a unique perspective to enterprise growth efforts. Whatever the economic times, Nasser Khan is able to add value with his deep and broad experience. Some of the elements that build Nasser’s brand are:
1. Governance, Risk & Compliance (GRC) Professional
2. ERP Application Security and Controls
3. Business Systems & Process Transformation
4. Information Systems Auditor
5. MBA
6. Deep Multi-Industry Experience
7. Build Knowledge Networks
8. Educator & Trusted Adviser

[Diagram labels: Client-Centric, Service, …, Philosophy, Integrity, Excellence]

Profile
• Over twenty-one years of combined industry and professional services experience including Leadership, Operations, Management, Audit, Security & Controls Implementation. Business consulting experience spans across industries with clients in Education, Financial Services, Energy, Manufacturing, Healthcare, and Public Sectors.
• Led business-critical implementations and performed risk management assessments within the information systems functions. Key focus areas have been Application & Infrastructure Security, Controls, Privacy and Compliance with COSO, COBIT (ITGC), SOX, Privacy Act, and MFIPPA regulations. Areas of expertise extend to Governance, Risk, & Compliance (GRC) tools where he utilizes best practices in Audit Approach & Implementation Methodology.
• A proven track record in business development and client management involving all levels of executives belonging to Fortune 100 organizations.
• GRC experience encompasses implementing GRC systems, performing and managing audit operations, User Access Management, Security in PeopleSoft and other ERP systems, Enterprise Risk Management and Identity Management.
• Led the Application Integrity Center of Excellence, focused on Oracle ERP packages offered by Deloitte nationally.
• Delivered presentations at several conventions held in the U.S., Canada and Europe covering topics relating to I.T. Audit, GRC, and Security.

Nasser Khan’s Pitchbook
ACHIEVEMENTS AND CAPABILITIES
GRC Practice Development
• Built Oracle GRC capabilities across the US by driving key enablement initiatives including growth, delivery and training.
• Assisted the regional centers to develop and grow the practice by improving their skill set of pursuing sales, enhancing relationships and increasing footprints at existing clients.
• Educated to implement Oracle’s GRC applications and tools including the Oracle GRC Controls Suite, Oracle GRC Manager and Oracle GRC Intelligence products, and the technologies of Oracle GRC applications.
• Teamed cross-functionally to build joint capabilities of delivery and sales of solutions. Joint tasks included building the pipeline, pursuing sales leads and assisting in the delivery of solutions.
• Spearheaded the initiatives to build solutions labs for learning and use-case demo purposes.

Technology Risk Advisory
• Designed and implemented Governance, Risk & Compliance (GRC), Identity Management projects, strategy, planning, coordinating, and consulting on the analysis and identification of key risks, development of business and systems.
• Performed assessment of security and controls in ERP and supporting applications and systems against various regulatory compliance frameworks.
• Designed, built or assessed risk and controls objectives, design of controls activities, narratives, flowcharts, test plans and testing of operating effectiveness.
• Conducted Privacy Impact Assessments in systems and processes.

Business Process Transformation
• Consulted on application use optimization and business process re-engineering of PeopleSoft modules, and decommissioning of redundant processes and sub-processes.
• Reviewed As-Is payroll processes in order to streamline diverse operations, identify efficiencies and synergies between operating regions and reduce expenses.
• Consulted on system configuration alternatives and opportunities for standardization.
• Reformed current business processes that vary from delivered ‘best-practices’ in PeopleSoft. Determined gaps, success criteria and recommendations.

Application Security & Controls
• Designed security management best practices, controls in environment management, access management, access provisioning, and security administration processes.
• Led Security & Control build workshop sessions for PeopleSoft and JD Edwards with functional areas Subject Matter Expert Teams to determine organizational roles and functions.
• Designed and built Security testing strategy.
• Identified data owners, control table responsibilities and row level security structure for various business units.
• Designed authentication interface within the enterprise context for PeopleSoft applications, HCM and Financials.
• Led the Fit/Gap effort and specified gap resolutions.

ERP IMPLEMENTATIONS AND I.T. AUDIT
PeopleSoft Work Highlights
• Application support role based in I.T., supporting HRMS, Benefits, Payroll, GL, A/P, P/O and AR modules as a business analyst
• Frequently applied minor upgrades, working with data models of configuration and transaction tables
• Worked with Data Mover, App Engine, Component Interface and other integration tools
• Deep understanding of security implications, control capabilities and sensitivity of configuration and transaction tables in PeopleSoft HCM and Financials 7.0 to 9.0
• Designed, implemented and configured HCM modules

I.T. Audit and Controls Work
• Assessed PeopleSoft for security and controls design
• Assessed PeopleSoft implementations for optimization of use
• Assessed PeopleSoft implementations for quality of project management, governance, security and controls
• Several SOD analyses and redesigns
• Built own SOD tool for PeopleSoft HCM, Financials and JD Edwards
• Conducted system compliance audits for compliance with Municipal Freedom of Information and Privacy Act (Privacy Act)
• Mapped statutes and sections in regulations to data elements and controls activities in PeopleSoft and Infrastructure environment to demonstrate how and where the control is compliant.
• Taught Auditing I.T function on behalf of IIA
• Participated in design course for auditing PeopleSoft on behalf of IIA




EMPLOYERS & TIMELINES
CAREER TIMELINE
[Figure: Career progression timeline with year markers 1986, 1987, 1992, 1998, 2000, 2005, 2007, 2008 and 2009. Milestones shown: MBA; Agfa, Product Manager; SAB, Inc., Sales Manager, B2B Sales; Crown Cork, Commercial Manager, Manufacturing; Region of York, PeopleSoft BSA; PeopleSoft, Sr. HCM Consultant; Named Security Product Lead; Oracle Acquires PeopleSoft; Deloitte, Manager, Enterprise Risk; CISA; Deloitte, Sr. Manager, Enterprise Risk; Formed Nasrhuma Inc.]
EMPLOYMENT
Employers and Positions
• February 2009-Current
  • Formed Nasrhuma Inc. in US and Canada.
    • A system integration professional services organization providing consulting advice in Technology Risk, GRC, ERP Roadmap and Strategy, and ERP implementation.
• August 2005-February 2009
  • Deloitte & Touché LLP - Costa Mesa, CA (managed team of max 11)
    • Senior Manager in Enterprise Applications Integrity Practice - Technology Risk
      • Lead the Oracle GRC Enablement Initiative Nationally
      • SME for PeopleSoft Security & Controls
  • Deloitte & Touché Ltd. - Toronto, ON (managed teams of max 7)
    • Manager in Enterprise Applications Integrity Practice - Technology Risk
      • Technology Risk Management
      • PeopleSoft & JD Edwards Security & Controls
• June 2000-August 2005
  • Oracle Consulting Services - Mississauga, ON
    • Principal Consultant in Business Consulting HCM, Financials & Security
  • PeopleSoft Consulting Services
    • Senior HCM Consultant Business
      • Global Security Product Co-Lead
• December 1998-June 2000
  • Region of York
    • PeopleSoft Business Systems Analyst
      • Implemented and supported production environments of PeopleSoft HR and Financials
• July 1992-December 1998
  • Crown Cork & Seal Co., Inc
    • Commercial Manager
      • B2B Sales and marketing at a manufacturing unit for packaging
QUALIFICATIONS
Education & Certification
• Certified Information Systems Auditor, ISACA, USA
• Certified PeopleSoft Consultant
• MBA Finance & Marketing-1986, Institute of Business Administration, University of Karachi, Pakistan
• BBA Marketing-1985, Institute of Business Administration, University of Karachi, Pakistan
• Bcomm-Accounting-1982, St Patrick’s College, Karachi

Memberships:
• Project Management Institute
• Canadian Management Association
• ISACA
• ISC2
• The Indus Entrepreneurs, TiE

Website: http://nasserkhan.com
Email: NasserKhan@Nasrhuma.com

Irvine
• 15333 Culver Drive, Suite 340 # 586, Irvine, CA 92604
• (949) 551-6080

Toronto
• Russell View Rd. Mississauga, ON L5M 5V8
• (647) 829-6850