yara abdulaziz alshiban

Held responsibility for maintaining, reviewing, and updating IT policies and procedures.
Worked on the correction plans and requirements for the IT department's risk register.
Worked on the correction plans for external/internal audits and provided the evidence to close the findings.
Led the development of Business Continuity enhancements (BIA, BCP, DRP) for the IT department.

Monitored and reported on key IT performance indicators (KPIs) to drive continuous improvement and strategic decision-making.

Implemented ISO 38500 principles for IT governance.

Write proposals to align with the RFP requirements.

Served as Project Manager for the BCM automation project.

Define, review, and edit the Cybersecurity policies based on SAMA requirements.

Maintain RCSA [Risk Control Self-Assessment] document & perform RCSA testing against IT processes.

Managed the risk register - tracking all risks and reviewing them on a quarterly basis.

Develop Cybersecurity policies and procedures to align with NCA requirements.

Conduct Cybersecurity compliance self-assessments and audits to comply with NCA-ECC controls.

follow up with CCHI stakeholders to close the findings.

Report to the management the status and the maturity of the compliance.

Conduct self-assessment and collect evidence from different departments.

Develop a Cybersecurity awareness campaign to target all CCHI employees and contractors.

Report to the management about the activities of Cybersecurity awareness.