Ivan Dechev

- Performing an annual risk assessment for the IT environment to develop a risk-based audit plan; - Managing technology audit execution, effectively prioritizing competing commitments, performing/assisting with fieldwork as/when required; - Identifying key issues impacting businesses and IT areas under review, presenting and agreeing with management practical, commercial actions for the mitigation of associated risks; - Proactively managing relationships with key IT stakeholders;

- Leading the Identity & Access Management (IAM) Audit and Controls function managing the risk, audit and regulatory portfolio across all IAM services - Responsible for setting vision, direction and planning prioritization of the direct resources - Working closely with 2nd, 3rd Line of Defense and other teams during their audit fieldwork and regulatory inspections being the SME for IAM controls and collaborating closely with the Enterprise Security Services Audit and Control Lead

Managing technology audit execution, effectively prioritizing competing commitments, performing/assisting with fieldwork as/when required // Effectively supervising and motivating audit teams, providing necessary oversight and guidance to ensure the audit is completed against relevant targets (e.g. budget, fieldwork timing, report clearance, etc.) // Utilizing effective risk awareness in order to ensure an appropriately targeted and risk focused audit approach

Managing IT security remediation project (incl. identification of risks and issues, implementation of mitigation controls, vendor oversight of effective mitigation, risk acceptance of residual risk) for a global wealth and asset manager // Managing an Business Rollout planning as well as an interface between IT and Business in an Identity & Access Management (IAM) Program for more than 30’000 users and 280 applications for a large Swiss bank

Audit and advisory engagements in order to assess IT risks as well as the maturity of IT processes across the organization worldwide / Advisory of management regarding appropriate measures to ensure process efficiency, proper controls and security in IT functions and related IT landscapes / Information security audits covering the areas of IT Security Organization , IT Security Framework as well as IT Security Monitoring and Incident Response processes and tools

Corporate Audit - IT & Forensic // Audit of internal control systems in respect of IT controls and IT supported process controls across the organization worldwide // Information security audits according to the standard ISO27001 // Compliance audits supported by mass data analysis using IDEA/IDEAScript // TeamMate Champion – user training, technical and user support for the TeamMate audit management system; implementation and configuration of new TeamMate releases

Controls Assurance - IT-Audit, Process audit, Mass data analysis, Fraud Detection, SOX (Sarbanes Oxley), ISO27001 Audit and Consulting

Human Computer Interaction