IT Audit | Information Systems Audit | Internal Controls | GRC, Al and Cybersecurity Professional
Dynamic & Certified IT Audit Professional
With over 19 years of experience across Pakistan, Bahrain, Dubai, and KSA, I specialize in IT audits, information risk management, and compliance services.
My expertise spans IT General Controls (ITGCs) and IT Application Controls (ITACs) across major sectors including financial, oil & gas, power, telecom, hospitality, and real estate. I have a proven ability to manage complex, multi-scale engagements delivering high-quality, accurate results.
Specialized consulting and audit solutions to secure and optimize your business.
Comprehensive evaluation of your IT infrastructure, policies, and operations to ensure strict compliance with local and international regulatory standards.
Strategic guidance to fortify your digital assets against emerging threats, including vulnerability assessments, architecture reviews, and defense strategies.
Proactive identification and analysis of potential IT risks. Developing robust frameworks to mitigate impact and safeguard business continuity.
End-to-end guidance in designing, establishing, and maintaining a robust Information Security Management System (ISMS) tailored to your organization.
19+ Years of driving excellence in Audit, Advisory & Security
Managing internal audit teams, overseeing IT audits across functions, ensuring compliance, assessing controls, and aligning IT practices with strategic goals.
Coordinated GITCs and ITACs scope with external auditors. Summarized IT audit documentation and collaborated with audit managers and engagement partners.
Established scope for GITCs/ITACs, communicated audit requirements to clients, and pinpointed key issues for collaboration.
Progressed from Associate to Deputy Manager over 14 years. Delivered compliance services, executed risk assessments (ISO 27001), managed teams, and supported integrated audit engagements.
Completed three high-impact secondments in the Middle East:
Dubai • KSA • Bahrain
Technical capabilities and governance domains
Journal articles and professional research authored in the fields of IT Audit, Cyber Security, and GRC.
A research-based study focusing on improving IT governance frameworks and enhancing organizational risk management strategies.
Read Full ArticleThis paper explores modern IT audit methodologies and their role in ensuring compliance within complex enterprise systems.
Read Full ArticleA policy-driven analysis addressing governance structures, regulatory compliance, and cybersecurity risk mitigation.
Read Full ArticleAn evaluation of how traditional IT general controls must adapt to dynamic, containerized cloud infrastructures.
Read Full ArticleTrusted by industry leaders across the Middle East & Pakistan
Open to discussions regarding leadership roles, consulting opportunities, and strategic partnerships.
© Muhammad Rashid Mahmood. All rights reserved.
Comprehensive list of research, journals, and technical insights.