Project: Project for Improvement of Cyber ResilienceIn order to improve the cybersecurity capabilities of Cambodia as a whole, the project will strengthen the capacity of the Department of ICT Security, which plays a central role in the field of cybersecurity, cooperate with other ministries and agencies, conduct awareness-raising activities for the general public, and identify the cybersecurity laws that are necessary for Cambodia.On November 29, 2022, the Japan International Cooperation Agency (JICA) signed a Record of Discussions with the Government of the Kingdom of Cambodia in Phnom Penh for the Project for Improvement of Cyber Resilience, a technical cooperation project.In Cambodia, CamCERT, a National CSIRT, is affiliated with the Department of ICT Security of the Ministry of Post and Telecommunications. The project aims to support the Department of ICT Security in the improvement of its cybersecurity capacity, and to strengthen the cyber security resilience of the digital society of Cambodia in the future. The project will contribute to the achievement of SDGs (Sustainable Development Goals) Goals 9 (Industry, Innovation and Infrastructure) and 17 (Partnerships for the Goals).Reference: https://www.jica.go.jp/Resource/english/news/press/2022/20221205_41.html?fbclid=IwAR1Uws5opiLsa_P5a4mC20h1F8zHCSLeBN6Qoa3Rg_8K_EJwTmeZ4DFMW68

Conduct a full audit of an organization's Management Systems in accordance with ISO standards requirements.

Expertise: • Information system & technology (IS/IT), cybersecurity, business continuity management (BCM), disaster recovery planning (DRP), digital banking auditsDuties and responsibilities:• Managing and leading team:- Developed valuable and positive relationships with IT and business partners by executing efficient audit work and offering suggestions to enhancing risk management;- Directed audit team reviewing the bank's IT systems, security and infrastructure to ensure they follow policies/ procedures and also for possible mismanagement, fraud and inefficiency;- Motivates leaders and executives to act and resolve issues in complex or sensitive settings;• IT Audit and Assurance:- Participated in ongoing enterprise risk assessment process and assist in developing and executing a dynamic audit plan to address high risk areas for the Bank;- Identified issues, investigated, analyzed evidences, proposed strategies, and made recommendations for improvement of the Bank processes based on the work performed;- Promote efficient practices by recommending improvements in processing capability, user interface, and security designs;• Coaching and Capacity Development:- Prepared and maintained related technical training documentation and provided technical training;- Acted as mentors so each team member has the proper expertise to ensure that staff has a solid understanding of auditing procedures and necessary independence to conduct their own investigations;- Provided supervising, coaching, counselling, and mentoring and conduct performance reviews and contribute to performance feedback for staff to help them to develop professionally and personally.Key achievement and deliverable:• Developed Internal IS/IT, security, BCM/DRP, and Project audit methodologies, procedures, testing & documentation tools, audit report templates

Expertise:• Information Security (IS) review & assessment• IS policies, procedures, standards, guideline development• IS consulting & implementation; IT governance; project management.Duties & responsibilities:• Led & directed the IS management function• Developed, implemented the IS programme & governance optimising company’s IS posture• Developed & implemented effective policies, procedures & guidelines to secure sensitive data ensuring IS & compliance with relevant legislation & legal interpretation• Developed, implemented, administered technical security standards, as well as a suite of security services & tools to address & mitigate security risk• Developed & maintained project DR & BCM for information systems; monitors changes in legislation & standards that affect IS• Established annual & long-range security & compliance goals, define security strategies, metrics, reporting mechanisms & roadmap for continual program improvement• Liaised with & offered strategic direction to related governance functions i.e. physical security, risk management, IT, HR, legal & compliance plus management on IS matters such as routine security activities, emerging security risks & control technologies• Provided management consultancy advice & practical assistance on IS risk & control matters & promoting commercial advantages of managing IS risks more efficiently• Provided leadership, direction & guidance in assessing & evaluating IS risks & monitor compliance with security standards, appropriate policies & applicable laws & regulations• Reviewed implementation of new technologies/services to ensure security compliance• Led IS risk assessments, controls selection, IS awareness, training & educational activities• Led the execution of security risk analysis, risk management & security testsAchievement:• Developed Information Security Policies based on ISO 27001:2013, Mobile Financial Services Security Guideline• Led BCM, DRP, VAPT, Security review projects

Expertise :• IT General Controls (ITGC), Automated Application Controls, IT Dependent Business Controls, ERP Systems, IT Infrastructure and various IT Platforms, Financial audit IT integration, Regulatory Compliance Audit and Assurance based on COSO, COBIT, ISO, SOX, and territory frameworks/standards;• IT Risk & Control Assessments and Remediation;• IT and Internal Controls Design and Optimisation;• Data Analytics and CAAT-related Delivery;• Project Management and Implementation.Key achievement and deliverable:• Developed mySoD Review tool for reviewing Segregation of Duties report of Oracle EBS application• Developed chart of services and marketing materials that ITRA team of PwC Vietnam offers• Instructed Technical core skills on Linux/UNIX, SQL Servers and Oracle databases for ITRA team• Instructed ITGC for Assurance courses for Associate and Senior Auditors (Assurance team)• Provided training and support on data analytic and CAAT-related matters to ITRA and Assurance teams• Provided IT Risk Assurance & advisory services to over 30 clients in the following industries: Finance Service Institution (Bank, Insurance, Finance, Securities), Oil & Gas, Food & Beverages, others.

•Managed multiple IT audit, assurance, advisory projects simultaneously•Led various IT assurance projects including reviews of IT general control, automated application control, system change & development, computer operation, security of various IT system infrastructure & platforms, internal control regulatory compliance, data quality assurance using CAAT•Led scoping, planning, selecting & tailoring of approach, method, tool, solution for project•Led delivery of fieldwork, setting objective of deliverable, allocating resources•Review quality of fieldwork & documents prepared by team to ensure deliverable meet firms’ methodologies & quality standards•Verified that optimal control relating to system & implementation are in place & operating effectively•Identified issues, investigated, analysed evidences, recommended strategy for improvement•Helped clients in assessing & defining policies & procedures to align IT strategy to corporate strategy & responsive to a changing & competitive business•Helped clients to understand, identify, assess, mitigate & consider emerging risks associated with project, control & technology that support business & to identify opportunity to effectively improve business performance•Identified & evaluated design & effectiveness of business & IT risks, IT management control, IT governance practice supporting business & operation, control mitigating risk & related improvement opportunity•Presented & discussed findings with clients’ senior management to finalise deliverable and to advice on IT performance improvement opportunity•Participated in decision making with leaders & contributed to improving operational efficiency on project•Assisted leaders in creating opportunities through development and presentation of marketing materials & proposals•Provided technical training & support to financial & IT risk assurance teams on IT audit/assurance and data analytic•Built, maintained, strengthened internal & external relationships

Expertise :• IT General Controls (ITGC), Automated Application Controls, IT Dependent Business Controls, ERP Systems, IT Infrastructure and various IT Platforms, Financial audit IT integration, Regulatory Compliance Audit and Assurance based on COSO, COBIT, ISO, SOX, and territory frameworks/standards;• IT Risk & Control Assessments and Remediation;• IT and Internal Controls Design and Optimisation;• Data Analytics and CAAT-related Delivery;• Project Management and Implementation.Key achievement and deliverable:• Developed myIQ-Test game for Assurance training course• Designed Risks Vs Controls diagram for Assurance training course• Provided training and support on data analytic and CAAT-related matters.• Provided IT Risk Assurance & advisory services to over 20 clients in the following industries: Finance Service Institution (Bank, Insurance), Telco & ISP, other services.

Expertise :• IT General Controls (ITGC), Automated Application Controls, IT Dependent Business Controls, ERP Systems, IT Infrastructure and various IT Platforms, Financial audit IT integration, Regulatory Compliance Audit and Assurance based on COSO, COBIT, ISO, SOX, and territory frameworks/standards;• IT Risk & Control Assessments and Remediation;• IT and Internal Controls Design and Optimisation;• Data Analytics and CAAT-related Delivery;• Project Management and Implementation.Key achievement and deliverable:• Developed mySampling tool for generating the random samples for IT General Controls and Non-Monetary based controls testing• Developed myConversion tools for converting journal entries data from SmartBank and Moneta core banking system and SUN accounting system report format to EY Global Analytics format for Journal Entries testing• Developed request for proposal (RFP), contracts, and vendor selection criteria for advisory clients• Provided training and support on data analytic and CAAT-related matters to offices across Indochina• Provided IT Risk Assurance & advisory services to over 40 clients in the following industries: Finance Service Institution (Bank, Insurance, Finance, Securities), Oil & Gas, Telco & ISP, Food & Beverages, others.

I outsourced from Ernst & Young to Johnson & Johnson Medical Vietnam as Senior Consultant and Analyst for new ERP (SAP) application software implementation project in the scope of six (Singapore, Malaysia, Indonesia, Philippines, Thailand, and Vietnam) countries in the South-East Asia. Expertise: ERP Consulting, Analysis, and Project CoordinationDuties and responsibilities and key achievement and deliverable:• Reviewed Chart of Accounts (CoA) of and master files of the current system (JDE); checked for errors & arranged to rectify them; removed duplicated and unused records, filled the blank fields;• Identified missing accounts in SAP & escalated to finance director; modified the current data format to suit SAP requirements and mapped to appropriate accounts in CoA and modules of new system (SAP);• Reviewed the existing balance sheet reconciliations & checked for old items; followed up with internal & external customers to clear the items and identified records which need to be deleted then worked with Accenture to remove them from the books before going live in SAP; • Checked the new record creation requests to ensure that new records are error free;• Provided bank SWIFT codes of all countries to the regional project teams in other six countries;• Reviewed the reports in SAP to ensure the being-used reports in current system are available in SAP;• Reviewed and looked for opportunities to replaced current manual activities by SAP reports and in order to ease with local legal statutory requirements.

Expertise: -Electronic Banking Products & Services;-ATM Account Reconciliation;-Disputed Transaction Identification, Investigation, and Resolution;-Electronic Banking Transaction Chargeback;-Training, Customer Support, and Troubleshooting.Duties and responsibilities:-Provided exemplary support to the EBS department and EBS units including ATM, POS, Card units;-Assisted EBS management on team management and tasks allocation;-Captured and presented EBS data including preparing HUB, ATM Cut Off Time, and ATM daily service reports and monthly management reports;-Developed workflow and work instruction documents regarding the EBS processes;-Reconciled ATM and international payment card scheme settlement accounts;-Investigated and resolved the reconciliation and electronic banking issues;-Processed of retrieval requests and electronic banking transaction chargebacks;-Ordered Mobile Phone Top-Up (MPTU) data from Telco partners and loaded into ATM system;-Processed Diskpay [ANZ’s Payroll Application] file and International Card Scheme settlement files-Installed Diskpay at corporate clients’ premises;-Provided training and support on Diskpay, Personal Internet Banking, and eBiz to customers. -Provided countrywide training, coaching, support, and troubleshooting to on EBS.Key achievement and deliverable:-Developed work flow and work instructions for the ATM Cash Account Reconciliations-Developed manual for installation, usage, and troubleshooting of Diskpay [ANZ’s payroll application]-Provided training to Bank staff on the Electronic Banking Services-Provided training on Diskpay, Personal Internet Banking, and eBiz to customers.

Expertise:•Project Management•Business System and Process Analysis and Design•Relationship Management and Business Development•Training, Customer Support, Troubleshooting.Duties & Responsibilities:+Project management:•Planned & managed work schedule for development & project staff•Coordinated key tasks on projects including setting up plan, allocating resources, scheduling, managing, monitoring, prioritizing the task of projects•Managed multiple software development & implementation projects simultaneously•Collected & check spot schedule & cost data & analysed project cost & budget control activities to provide the directors for management & decision•making•Monitored & evaluated project implementation schedule & cost & produced project progress report for directors, business development, clients•Led development & execution of test plans, test cases, walk•through to ensure quality of software meet standard & successful of projects+Business System & Process Analysis & Design:•Researched & analysed current & emerging technologies specifically on business & finance software•Discussed with clients to gather business requirement, analysed & produced technical documents i.e. diagrams, use cases, specifications of new & customised features; designed data & work•flow of software system•Reviewed business, developers, support teams to analyse defects/bugs of the products•Adviced software developers on software design & development.+Business development:•Established, maintained, managed stakeholders relationship including clients & suppliers •Actively involved in business development activities including leading in designing marketing materials, setting up promotion program, marketing plan & budgeting, contact, prepare products & services quotation for customers, follow up & negotiate with customers.Key achievement:•Provided business process analysis & design customised financial software to over 10 governmental, not-for-profit & profit organisations.