• Syed Muhammad Asim
 Syed Muhammad Asim

Syed Muhammad Asim

Manager IS Assurance & Risk Advisory Services

BDO Karachi


Executive Summary

Asim has completed his Master of Science in Information Technology (MS IT) from Institute of Business & Technology (BIZTEK), Karachi - Pakistan. Further, he done his MBA–Finance (from Missouri State, USA). He has also obtained professional certification Certified Information Systems Auditor (CISA) along with certification course in Oracle (Developer Track).

Asim joined BDO Ebrahim & Co., Chartered Accountants as Manager IS Assurance & Risk Advisory Services and is leading the “IT Audit” engagements. He has more than 15 year’s experience in conducting External Audit Support including IT General Controls and security reviews of various applications and operating systems, assessment of risk of significant mis-statement (ROSM) related financial reporting process, fraud related inquiries, business process controls reviews, for manufacturing and financial services clients of Pakistan as well as Middle East region. He has also been involved in various IT internal audit engagements  and Agreed Upon Procedures.

He has good understanding of BDO audit methodologies and tools. He also has good understanding of international standards and control framework including CoBIT 5, ISO 27001 ISMS, ITIL and DR frameworks.  His core areas of interest include identification of business process risk and their mapping with IT controls, Business Continuity Plan and Disaster Recovery Plan, Business Process Reengineering, Physical Access and Environmental Controls of Data Centre, etc. He has also performed application security and assessment review of various in-house developed applications as well as security and assessment review of some ERPs like SAP (Financials), Oracle Financials etc.   

Prior to joining BDO Karachi Office - Pakistan, He was associated with Big four audit firms (including EY, Deloitte, & KPMG) where he served the period 07 years, 03 year and 05 years respectively. During his period in big four audit firms, he managed the internal & External IS/IT audits along with the key special engagements covering the following areas like Forensic  and Cyber Security Investigation Reviews, IT General Controls reviews, Business Process reviews, IS Policies & Procedures, ERP Security and Functionality Reviews (SAP, Oracle EBS), Compliance Reviews &Implementation (ISO 27001-27005, COBIT, and ITIL), Application /DB/ OS/ Network Security Reviews, BCP & DRP reviews, Post implementation reviews, Application Control Testing with industry best practices at various companies and banks within Pakistan and Middle East region offices.