Ali Yalçın

- Information Security --- Information security strategy, policy and procedures --- SIEM --- Monitor security logs --- Security incident management --- Data Leakage Prevention --- Attack and Penetration tests --- Awareness trainings --- Data classification --- VISA & Master Card Key Officer - Application Fraud --- 7/12 --- Retail Loan and Credit Card applications - Transaction Fraud --- 7/24 --- Internet Banking, Credit Card, ATM and POS transactions --- PCI Audits

- Information Security - Operational Risk and Business Continuity --- Create and maintain Business Impact Analysis --- Create and maintain Business Continuity Plan --- Coordinate Disaster Recovery Plan and Business Continuity Plan Harmony --- Execute Bank wide Business Continuity and Disaster Recovery Tests --- Gather, analyze and report Operational Risk Events --- Perform Risk Control Self Assessments - Application Fraud Prevention - Transaction Fraud Prevention

Responsible from managing and conducting IT Audits throughout Erdemir Group Companies.

- Develop internal IT Audit regulations and multi-year IT audit plans - Identify IT control objectives based on COBIT, ITIL, and ISO 17799 standards - Present IT audit and annotation findings to the Audit Committee - Create IT risk matrix and cumulative risks for each IT related auditable entity - Deliver opinions on Bank’s newly created or changed IT related policy and procedures - Prepare IT section for the Management Declaration of the bank (BRSA requirement) - Create and execute BCP roadmap

Ali was responsible from: - Executing and Managing BRSA IT Audits - IT Audits Supervision and Execution - MSLI Microsoft Licensing Global Scrap Audits and Inventory Counts - IT Due Diligence - Sarbanes-Oxley Readiness and Compliance (Consultancy Testing) - Risk Based IT Consultancy