Najeem Adedayo Oyeyemi

I am responsible for the overall IT Risk management, SOX and other regulatory compliance focusing on the adequacy of design and effectiveness of the implemented control. Drive IT SOX compliance by working with the different control owners. Plan and manage the periodic SOX review across the in-scoped applications and systems while operating the assigned SOX controls. Coordinate statutory SOX 302 and 404 compliance audits with the external Auditors. Interface with internal and external auditors and drive remediation of all gaps identified during the audit. Collaborate with the relevant stakeholders to implement appropriate IT controls Conduct continuous risk assessments and business impact analyses for new and existing solutions. Liaise with Enterprise Risk, Internal Audit, and other relevant functions across the business to ensure that all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk management approach. Conduct IT compliance reviews including user access reviews, risk assessments, control objectives monitoring, and vendor assessments across thirteen operating countries.

Establish an acceptable IT risk profile and promote adherence to information risk standards, and procedures to ensure IHS’s systems are protected from internal and external threats, and end-to-end security (frontline to back-end/ data centre) is maintained. Manage IT risk portfolio through proactive risk management and ensure timely management reporting to facilitate accurate decision making Effectively manage stakeholders to ensure to deliver on IT risk management and compliance and ultimately partner with all required function to promote an effective IT controlled environment Build awareness of new and evolving IT risks across the business and implement appropriate systems and processes which ensure that information risks are detected early and proactively managed with timely remediation when undesired events occur. Collaborate with the project team to timely identify risk, recommend controls, ensure the control implementation, and proactively monitor the risk. Liaise with Enterprise Risk, Internal Audit, compliance, and other relevant functions across the business to ensure that all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk management approach. Drive continuous improvement embedding technology to provide greater assurance and insight to IT risk and compliance activities and proactively identify improvement in IT Governance, Risk, and compliance.

Work with the manager to plan, manage, execute the annual audit plan across IT and Network operation Ascertain that MTN IT Governance, Compliance and Information/Network Security Strategy aligns with the business strategy and best practice. Lead, coordinate, direct and supervise the team on various audit across multiple functional areas within MTN Nigeria. Audit Reporting detailing the key audit deliverables, providing accurate and timely information to key partners Perform engagements relating to risk management, information security audit, quality assurance audit, internal controls reviews, and IT governance reviews. Provide input to the overall audit methodology and promote efficient practices by recommending improvements in processing capability, user interface and security designs. Conduct data extraction and analytical reviews utilizing various databases, software tools and techniques. Ensure findings are remediated and closed out on timely basis. Liaise with the Regulatory Affairs team to identify IT compliance requirements and benchmark against company’s practice.

Providing technical leadership and direction in performing security reviews across the organization’s internal and external network, identifying risks associated with the company’s strategic objectives and making appropriate recommendations Liaise with all stakeholders in respect of the IT governance, control standards, and best practices. Support internal/external audit activities and drive the implementation of audit recommendations. Prepare quality reports by collecting, analyzing, and summarizing information and trends including failed processes, control gaps, corrective actions, and issue status. Coordinate and review IT business processes, identifying process dysfunctions and provide effective recommendation with the aim of enhancing effectiveness and overall operational efficiency. Technical Risk Assessment, Controls Design and Testing of various IT services, Systems, and Processes Evaluated and assessed security and control built into applications by conducting application penetration testing pre-go-live and post go-live – This effort resulted in reducing the risk of fraud been perpetrated on the application upon deployment and adherence to the Application deployment policy. Provide consulting services during the implementation of ISO 27001, ISO 20000 and COBIT 5 framework

First level troubleshooting of customer circuit and IP related issue before escalation to the respective 2nd level support team - As a member of Network support team, ensured that end-user complaints were promptly treated by the respective support team as required by the agreed Service Level Agreement (SLA) – Trouble/Fault ticket management with timely escalation and follow up till issue resolution. Monitoring and maintenance of SDH, IP and DWDM platforms using Huawei (iManager and U2000), InfoVista, IBM Cisco Info Connect (CIC) and TYCO (TEMS-NMS) network monitoring tools to ensure 24/7 network availability – carryout system health check on various infrastructures in the organization.