Business profile

Manager and auditor in the field of banking, risk management, internal control and IT.

Work Experience

mBank S.A. 
IT Audit Manager
May 2019 - Present 
I am responsible for:
– planning and performing the annual IT audit plan;
– planning and conducting internal audits of the organization and affiliated enterprises i.e. in the areas of: IT operational risk management, IT systems & processes, IT compliance function, IT security management processes (IT and cyber), cloud computing;
– developing lists of recommendations and guidelines, monitoring their implementation and reporting;
– ensuring the effectiveness of the system of IT and security risk;
– ensuring the effectiveness of the system of IT and security internal control;
– the team management.

IT Audit Expert
March 2019 - May 2019 (3 months)
I was responsible for:
– planning and conducting internal audits of the organization and affiliated enterprises i.e. in the areas of: IT operational risk management, IT systems & processes, IT compliance function, IT security management processes (IT and cyber), cloud computing;
– developing lists of recommendations and guidelines, monitoring their implementation and reporting;
– ensuring the effectiveness of the system of IT and security risk;
– ensuring the effectiveness of the system of IT and security internal control.

Bank Pocztowy SA
7 years 2 months
Head of Internal Audit (Director)
June 2016 - March 2019 (2 years 10 months)
I was responsible for:
– planning and performing the annual audit plan (maintenance the audit risk map as well);
– planning and conducting internal audits of the organization and affiliated enterprises i.e. in the areas of: IT & operational risk management, IT systems & processes, a compliance function, security management processes (IT security, data protection and cybersecurity), business continuity processes, liquidity & capital management processes;
– developing lists of recommendations and guidelines, monitoring their implementation and reporting to the board and to the audit committee;
– reviewing of the bank's compliance with regulatory and the company compliance standards;
– coordinating relationships between the bank and the Financial Supervisory Authority (KNF) regarding the implementation of recommendations;
– ensuring the effectiveness of the system of risk;
– ensuring the effectiveness of the system of internal control;
– designing, implementation and administration of the audit workflow system;
– the team management.

Head of IT Internal Audit (Deputy Director)
July 2012 - June 2016 (4 years)
I was responsible for:
– planning and performing the annual audit plan (maintenance the audit risk map as well);
– planning and conducting internal audits of the organization and affiliated enterprises i.e. in the areas of: IT & operational risk management, IT systems & processes, a compliance function, security management processes (IT security, data protection and cybersecurity), business continuity processes, liquidity & capital management processes;
– developing lists of recommendations and guidelines, monitoring their implementation;
– reviewing of the bank's compliance with regulatory and the company compliance standards;
– ensuring the effectiveness of the system of IT risk;
– ensuring the effectiveness of the system of IT internal control;
– designing, implementation and administration of the audit workflow system;
– the team management.

Senior IT Auditor
February 2012 - June 2012 (5 months)
I was responsible for:
– planning and conducting internal audits of the organization and affiliated enterprises i.e. in the areas of: IT & operational risk management, IT systems & processes, a compliance function, security management processes (IT security, data protection and cybersecurity), business continuity processes, liquidity & capital management processes;
– developing lists of recommendations and guidelines, monitoring their implementation;
– reviewing of the bank's compliance with regulatory and the company compliance standards.

GreenPost Sp. z o.o.
Audit Director
July 2011 - March 2012 (9 months)
I was responsible for:
– testing compliance services with the applicable regulations and the company standards;
– evaluating of the effectiveness and streamlining business processes;
– ensuring the effectiveness of the system of risk and the system of internal control;
– planning and conducting audits inside the organization and affiliated enterprises;
– developing recommendations and overseeing their implementation;
– establishing organizational standards;
– monitoring and reporting.

IT Solution Architect (B2B Contract)
July 2009 - March 2012 (2 years 9 months)
I was responsible for:
– defining, implementing and testing the technical requirements of products in accordance with the regulations in Poland and the European Union (such as electronic transactions, electronic shipping documents, electronic payments, confirmation, accounting, tax issues).

Development Director
February 2011 - June 2011 (5 months)
I was responsible for:
– defining, implementing and testing the technical requirements of products in accordance with the regulations in Poland and the European Union (such as electronic transactions, electronic shipping documents, electronic payments, confirmation, accounting, tax issues);
– ensuring that projects are delivered according to the their scopes and on time;
– testing compliance services with the applicable regulations and the company standards;
– establishing organizational standards;
– monitoring and reporting.

Controlling and Investment Director
December 2010 - January 2011 (2 months)
I was responsible for:
– establishing organizational standards;
– monitoring and reporting;

– financial planning & controlling.

Capital Market Institute - WSE Research (Warsaw Stock Exchange Group (GPW))
Development Director
November 2010 - February 2011 (4 months)
I was responsible for:
– building and realization business strategy and business perspective process management;
– preparing of the operational, investment and financial plan;
– developing fixed and security training program; being one of the trainer;
– the internal management consulting;
– the sales and vendor process management (including negotiations);
– IT services and application process management;
– the trends analysis;
– the implementation of solutions for increasing services quality.

Business Excellence Institute (Poland)
Senior Auditor / Senior Manger / Trainer (B2B Contract)
October 2006 - July 2009 (2 years 10 months)
I was responsible for:
– ensuring that all projects are delivered according to the their scopes and on time;
– auditing and controlling processes, including: planning, budgeting and implementing of audit and advisory projects for selected customers (TOP 100);
– evaluating the efficiency and effectiveness of the implemented methodologies, processes and procedures;
– the verification of compliance with the requirements of regulations and standards;
– implementing solutions to monitor and reporting;
– making recommendations and supporting the processes of their implementation;
– coordinating accreditation procedures;
– evaluating business risk management processes and implementing preventive procedures;
– analyzing and implementing the revenue assurance process;
– leading trainings and workshops.

Vice President
July 2007 - June 2008 (1 year)
I was responsible for:
– business strategy definition and business operation management;
– ensuring that all projects are delivered according to the their scopes and on time;
– auditing and controlling processes, including: planning, budgeting and implementing of audit and advisory projects for selected customers (TOP 100);
– evaluating the efficiency and effectiveness of the implemented methodologies, processes and procedures;
– the verification of compliance with the requirements of regulations and standards;
– implementing solutions to monitor and reporting;
– making recommendations and supporting the processes of their implementation;
– coordinating accreditation procedures;
– evaluating business risk management processes and implementing preventive procedures;
– analyzing and implementing the revenue assurance process;
– leading trainings and workshops;
– the team management (recruitment, training, motivation, evaluation).

Member of the Board
October 2005 - February 2007 (1 year 5 months)
I was responsible for:
– business strategy definition and business operation management;
– ensuring that all projects are delivered according to the their scopes and on time;
– auditing and controlling processes, including: planning, budgeting and implementing of audit and advisory projects for selected customers (TOP 100);
– evaluating the efficiency and effectiveness of the implemented methodologies, processes and procedures;
– the verification of compliance with the requirements of regulations and standards;
– implementing solutions to monitor and reporting;
– making recommendations and supporting the processes of their implementation;
– coordinating accreditation procedures;
– evaluating business risk management processes and implementing preventive procedures;
– analyzing and implementing the revenue assurance process;
– leading trainings and workshops;
– the team management (recruitment, training, motivation, evaluation).

Orange Polska (Telekomunikacja Polska S.A.)
8 years 3 months
IT Services Director 
February 2004 - September 2005 (1 year 8 months)
I was responsible for:
– IT service level management proces (SLM);
– auditing and assessing the level of quality IT services (cost and KPI’s analysis);
– examining consistency of IT processes;
– planning and managing the revenue assurance process;
– designing of customer satisfaction questionnaire, analyzing their results and monitoring the implementation process of the post-survey recommendations (as a Director of Tech Customer Satisfaction Program);
– building and implementing strategies and processes to communication and PR for TP (R&D, IT, Telco);
– building and participating in the strategy of the company for the sale and delivery integrated ICT services and supervising over the correctness of the implementation projects for corporate Clients;
– reporting according to corporate standards (IAS, IFRS, internal TPSA, FT);
– the team management (recruitment, training, motivation, evaluation).

IT Division Manager (Service Level Management) 
July 2003 - January 2004 (7 months)
I was responsible for:
– developing and implementing IT service level management proces (SLM);
– auditing and assessing the level of quality IT services (cost and KPI’s analysis);
– designing of customer satisfaction questionnaire, analyzing their results and monitoring the implementation process of the post-survey recommendations (as a Director of Tech Customer Satisfaction Program);
– reporting according to corporate standards (IAS, IFRS, internal TPSA, FT);
– the team management (recruitment, training, motivation, evaluation).

Orange Polska (PTK Centertel sp. z o.o.)
IT Security and Efficiency Division Manager
March 2003 - June 2003 (4 months)
I was responsible for:
– ensuring efficiency, effectiveness and credibility of risk management and hedging revenues (Revenue Assurance);
– providing cost optimization (TCO reduction over 10% of the annual IT budget);
– IT security management, personal data protection;
– conducting internal business audits of the quality and processes (as an ISO Internal Auditor and a member of the team "Promoters of Quality");
– making and supervising implementation of recommendations.

Support Manager
January 2002 - February 2003 (1 year 2 months)
I was responsible for:
– planning, implementing and ensuring the proper functioning of the IT services and processes;
– providing cost optimization (TCO reduction over 10% of the annual IT budget);
– implementing the service level management process (SLM);
– auditing and recommending changes to the organization to increase the profitability of the IT activities;
– conducting internal business audits of the quality and processes (as an ISO Internal Auditor and a member of the team "Promoters of Quality");
– making and supervising implementation of recommendations.

IT Section Manager (Distributed Computing)
June 1999 - January 2002 (2 years 8 months)
I was responsible for:
– planning, implementing and ensuring the proper functioning of the IT services and processes;
– defining IT standards;
– applications and systems management (i.e. Terminal Servers, Business Applications, ITSM systems, ERP and Data Warehouse systems);
– analyzing and implementing solutions to guarantee optimal use of ICT tools;
– conducting internal business audits of the quality and processes (as an ISO Internal Auditor and a member of the team "Promoters of Quality");
– making and supervising implementation of recommendations;
– IT purchasing and logistics (annual budget over $6 million).

IT Help Desk Coordinator
December 1997 - May 1999 (1 year 6 months)
I was responsible for:
– building IT Service Desk and providing support to users of the IT systems;
– conducting internal business audits of the quality and processes (as an ISO
Internal Auditor and a member of the team "Promoters of Quality").

IT Help Desk Consultant
July 1997 - December 1997 (6 months)
I was responsible for:
– building new IT Service Desk and providing support to users of the IT systems.

S.bit
Implementation Specialist
November 1996 - February 1997 (4 months)
I was responsible for:
- planning and implementing company applications;
- end user consulting and training.

Languages knowledge

English, professional proficiency, 
- Cambridge Business English Certificate (BEC) Vantage
- TOEIC – 845 points

Certifications and other credentials

Certified Information Systems Auditor (CISA), ISACA, certificate no. 18145433
Certified Internal Auditor (CIA), IIA, certificate no. 114850
Certification in Risk Management Assurance (CRMA), IIA, certificate no. 7914
Certificate Accreditation in Quality Assessment / Validation (QA), IIA, certificate no. 533/16/283
Certified Penetration Testing Engineer (CPTE), Mile2, certificate no. 423400
Internal Auditor (ISO), BSI, certificate no. PL020799-54372 and Polish Ministry of Economy, certificate no. 2695/ORG
Counteracting money laundering (AML) and the financing of terrorism certificate, GIIF, certificate no. 04374/2016/E
ITIL Expert, APMG, certificate no. 851698
ITIL Manager, EXIN, certificate no. 539504
Microsoft Certified Solution Developer (MCSD), Microsoft, certificate no. B796-4104 

(MCAD, MCDBA, MCSE, MCSA as well)
Certified TCO Expert (Total Cost of Ownership), Gartner

Academic and Post-Graduate Educations

Doctor of Philosophy in management sciences (dr)
Warsaw University of Technology (Politechnika Warszawska)
Faculty of Management
Wyróżnienie w VI edycji Konkursu o Nagrodę Prezesa Narodowego Banku Polskiego za najlepszą pracę doktorską z zakresu nauk ekonomicznych.

Master in management and marketing (mgr)
University of Management and Law in Warsaw (Wyższa Szkoła Zarządzania i Marketingu w Warszawie)
Marketing and Management Faculty

Engineer of mechatronics (inż)
Warsaw University of Technology (Politechnika Warszawska)
Faculty of Mechatronics

Doctoral seminar of law
Koźmiński University (Akademia Leona Koźmińskiego)

Writing in the Sciences Seminar (Statement of Accomplishment)
Stanford University,  

Postgraduate studies
Koźmiński University (Akademia Leona Koźmińskiego)
Fixed and Security Analysis based on CFA (doradca inwestycyjny)

Executive MBA & Diplôme International du Management
The French Institute of Management associé à l'Institut Français de Gestion

Organizations

IT Management Academy of Public Administration – member of the Program Committee
Foundation IT Leader Club Polska – member and vice president of the Management Board
Foundation IT Leader Club Polska – member of the Program Committee
IT Service Management Forum (itSMF) – ex-member and co-founder; for 4 years Vice President and Board Member of the Polish branch of itSMF (2004 - 2008)
League for Nature Conservation (LOP) – ex-member; for 5 years Member of the Board of the LOP (1990 - 1995)
The Institute of Internal Auditors (The IIA) – member

Association of Martial Artists World Wide  member

Selected List of Published Papers

Banking supervision in Poland, Discussion of possible solutions, edu-Libri, 2017
The organization of the banking supervision models – transformation in selected European countries, JoMS, WSGE, 2016.
Process management in a local bank – a practical process model, JoMS, WSGE, 2015.
The banking product in supervisory regulations - formal and legal aspects of creating a banking product, JoMS, WSGE, 2014.
Internal audit functions in local government units on the background of experience in the banking sector - selected legal aspects, Bezpieczeństwo Informacji Państwa i Biznesu, WSGE, 2014, as co-author. 
Service Level Management (SLM®), series of publications, slm.pl.
Total Cost of Ownershipseries of publications, tco.pl.
The acquisition cost of the IT system, wiedzaifinanse.pl, 2010.
IT cost management, wiedzaifinanse.pl, 2010.
Practical aspects of TCO, Business Excellence Institute, 2008.
Systematic abc-book, author's review of the models used in IT ManagementIDG, 2007.
Management of the quality of IT Services, Business Excellence Institute, 2007.
Basic structure of the SLA, Business Excellence Institute, 2006.