SlideShare a Scribd company logo

Pakistan refinery limited

S
Sandeep Kumar

This is an Audit report of Pakistan Refinery Limited and covers all the the topic of audit

Business
1 of 15
Group Members: Muhammad Sherjeel Shoukat - 19306 Sandeep Kumar - 20395 Maryam Hassan - 20653 Mahad Mehmood - 20426 PAKISTAN REFINERY LIMITED
 Introduction:  Pakistan Refinery was incorporated in Pakistan as a public limited company in May 1960 and is quoted on Karachi and Lahore stock exchanges.  Its registered office is located at Korangi Creek Road, Karachi.  The company is engaged in the production and sales of Petroleum products.  The design capacity of the Refinery was 1 million tons of crude oil per annum, but was increased to 2.1 million tons per annum later.  The refinery is a hydro-skimming refinery, and produces high speed diesel, furnace oil, motor spirit, Naphtha, kerosene, jet fuels and liquified petroleum gas.
Continue……  Its major customers are shell, P.I.A, and chevron.  Board of Directors:  Chairman: Farooq Rahmatullah Khan  Managing Director & CEO: Aftab Husain  Company Information:  Chief Financial Officer: Imran Ahmad Mirza  Acting Company Secretary: Shehrzad Aminullah  Auditors: A. F. Ferguson & Co. Chartered Accountants  Audit Committee Members:  Babar H. Chaudhary  Faisal Waheed  Muhammad Najam Shamsuddin  Saleem Butt
 Audit planning table: Ranking Audit Area Time Frame Last Checked Responsibility 1 Hacking and violation of data 1 week 2016 IT consultant 2 Physical access 2 weeks 2014 Security department 3 Data Centre operations 8 days 2015 Data Centre Manager 4 System resiliency 4 days 2015 Data Centre Manager 5 Power and electricity 7 days 2015 On field manager 6 Fire 5 days 2012 Security department 7 Environmental controls 9 days 2013 On field manager
Risk Assessment and Audit Engagement Risk Analysis: Inherent Risk: It is defined as that risk which is the nature of the business. Types of inherent risks: 1. Natural risk 2. Manmade risk 3. Power failure
Continue…… Control Risk: It is the risk that occurs due to absent or weak internal controls to the data center. 1. Weak security controls Detection Risk: It’s the risk which the auditor can’t predict. 1. Violation of data within confidential zone
 Objectives:  To make it sure that there is data backup available in case any destruction happens to their data center.  To check that are they using proper security measures for the physical security access and is there proper segregation of duty for data center.  To check that there is proper power and electricity backup available and are they working properly.  Examining proper fire extinguishers system availability and its effectiveness.  Examining proper cooling system of data center computers.
Scope: TIME FRAME:  From 14 February to 19 April.  Divide our task properly to meet the goal of auditing data center. PLACE OF EXECUTION:  Data center  Security measures of the data center  The proper cooling system of data center room  Proper segregation of duty  Proper fire control measures
 Constraint: WORKING HOUR CONTRAINT:  The working hour constraint was from 9am to 5pm, so after that the office in korangi was closed and we can’t get information after it. EMPLOYEE RELUCTANCE:  Fear of losing their job is also a constraint & because of that they didn’t share the information.
Continue….. PRESENCE OF AN EMPLOYEE WHEN WE AUDIT DATA CENTER:  While accessing the data center & check the measures to protect data center security that ranges from fire, power and electricity, physical access and cooling system an employee was always present with us that never leave us alone to audit the data center independently. CONFEDENTIAL CONSTRAINT:  Employees will keep their confidentiality when asked about data center.
Compliance and Criteria: The criteria of our audit plan will be on the following points: Audit according to ISO rules Inform P.R.L. about the objectives Security of the organization data center Free from any personal liking and disliking Confirm data center is properly secured Proper data backup system present Proper training of guards Proper cooling system
Approach: Q: What our project Approach covers? Physical access control Data Center operations Power and electricity Fire suppression Environmental controls System resiliency Hacking and violation of data
Checklist: What does checklist covers?  Fire control  Physical access  Capability of data Center personnel  Authenticity of personnel working for data center security  Testing of environmental control  Testing of power and electricity  Data backup availability  System resiliency  Hacking and violation of data
Reference:  https://www.scribd.com/doc/57898497/Data-Center-Audit- Checklist  http://www.prl.com.pk/  Past reports of Toyota, IoBM and Mobilink
Pakistan refinery limited

Recommended

ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...
ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...
ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...iFour Consultancy
 
Sec440: Server Malware Protection Policy
Sec440: Server Malware Protection PolicySec440: Server Malware Protection Policy
Sec440: Server Malware Protection PolicyThomas Christopher Ty
 
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questions
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist QuestionsISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questions
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questionshimalya sharma
 
Control a.18 compliance - by software outsourcing company in India
Control a.18 compliance - by software outsourcing company in IndiaControl a.18 compliance - by software outsourcing company in India
Control a.18 compliance - by software outsourcing company in IndiaiFour Consultancy
 
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
Navigating the SOC 2 Certification Maze: What You Need to Know
Navigating the SOC 2 Certification Maze: What You Need to KnowNavigating the SOC 2 Certification Maze: What You Need to Know
Navigating the SOC 2 Certification Maze: What You Need to KnowShyamMishra72
 
SOC 2 Certification Unveiled: Understanding the Core Principles
SOC 2 Certification Unveiled: Understanding the Core PrinciplesSOC 2 Certification Unveiled: Understanding the Core Principles
SOC 2 Certification Unveiled: Understanding the Core PrinciplesShyamMishra72
 

Recommended

ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...
ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...
ISO 27001 2013 Clause 4 - context of an organization - by Software developmen...iFour Consultancy
 
Sec440: Server Malware Protection Policy
Sec440: Server Malware Protection PolicySec440: Server Malware Protection Policy
Sec440: Server Malware Protection PolicyThomas Christopher Ty
 
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questions
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist QuestionsISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questions
ISO 27001 Checklist - ISMS Scope - Clause 4.3 - 38 checklist Questionshimalya sharma
 
Control a.18 compliance - by software outsourcing company in India
Control a.18 compliance - by software outsourcing company in IndiaControl a.18 compliance - by software outsourcing company in India
Control a.18 compliance - by software outsourcing company in IndiaiFour Consultancy
 
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...
Feroot Smart Technology Privacy Summit: Fiduciary Finesse & Cybersecurity — W...Feroot
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationShritam Bhowmick
 
Navigating the SOC 2 Certification Maze: What You Need to Know
Navigating the SOC 2 Certification Maze: What You Need to KnowNavigating the SOC 2 Certification Maze: What You Need to Know
Navigating the SOC 2 Certification Maze: What You Need to KnowShyamMishra72
 
SOC 2 Certification Unveiled: Understanding the Core Principles
SOC 2 Certification Unveiled: Understanding the Core PrinciplesSOC 2 Certification Unveiled: Understanding the Core Principles
SOC 2 Certification Unveiled: Understanding the Core PrinciplesShyamMishra72
 
How to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachHow to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachPECB
 
Auditing concept
Auditing conceptAuditing concept
Auditing conceptGanesh Sharma
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & complianceVandana Verma
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01Yaowaluk Yuangsoi
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityEryk Budi Pratama
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc
 
Xevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information SecurityXevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information SecurityMichael Xevgenis
 
Human resources security
Human resources securityHuman resources security
Human resources securityCAS
 
D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62AlliedConSapCourses
 
ISO/IEC 27001.pdf
ISO/IEC 27001.pdfISO/IEC 27001.pdf
ISO/IEC 27001.pdfLiiewaOfficial
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxcomstarndt
 
Achieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdfAchieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdfmicroteklearning21
 
Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breacheskimsrung lov
 
GDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliantGDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliantIlesh Dattani
 
BSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection cloudsBSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection cloudsRafae Bhatti
 
Cissp Study notes.pdf
Cissp Study notes.pdfCissp Study notes.pdf
Cissp Study notes.pdfMAHESHUMANATHGOPALAK
 
nkp resume
nkp resumenkp resume
nkp resumeNandkishor Prasad
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 
Toyota Indus Final Report
Toyota Indus Final ReportToyota Indus Final Report
Toyota Indus Final ReportSandeep Kumar
 
Banking sector of pakistan
Banking sector of pakistanBanking sector of pakistan
Banking sector of pakistanSandeep Kumar
 

More Related Content

Similar to Pakistan refinery limited

How to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachHow to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachPECB
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & complianceVandana Verma
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromMart Rovers
 
Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01Yaowaluk Yuangsoi
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityEryk Budi Pratama
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc
 
Xevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information SecurityXevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information SecurityMichael Xevgenis
 
Human resources security
Human resources securityHuman resources security
Human resources securityCAS
 
D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62AlliedConSapCourses
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxcomstarndt
 
Achieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdfAchieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdfmicroteklearning21
 
Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breacheskimsrung lov
 
GDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliantGDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliantIlesh Dattani
 
BSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection cloudsBSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection cloudsRafae Bhatti
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursSurfWatch Labs
 

Similar to Pakistan refinery limited (20)

How to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approachHow to apply ISO 27001 using a top down, risk-based approach
How to apply ISO 27001 using a top down, risk-based approach
 
Auditing concept
Auditing conceptAuditing concept
Auditing concept
 
Security audits & compliance
Security audits & complianceSecurity audits & compliance
Security audits & compliance
 
Iso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interpromIso iec 27001 foundation training course by interprom
Iso iec 27001 foundation training course by interprom
 
Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01Occupational Health & Safety Management System 01
Occupational Health & Safety Management System 01
 
Cybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber SecurityCybersecurity 101 - Auditing Cyber Security
Cybersecurity 101 - Auditing Cyber Security
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA Compliance
 
Xevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information SecurityXevgenis_Michail_CI7130 Network and Information Security
Xevgenis_Michail_CI7130 Network and Information Security
 
Human resources security
Human resources securityHuman resources security
Human resources security
 
D1 security and risk management v1.62
D1 security and risk management v1.62D1 security and risk management v1.62
D1 security and risk management v1.62
 
ISO/IEC 27001.pdf
ISO/IEC 27001.pdfISO/IEC 27001.pdf
ISO/IEC 27001.pdf
 
ISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptxISMS End-User Training Presentation.pptx
ISMS End-User Training Presentation.pptx
 
Achieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdfAchieving ISO 27001 Certification.pdf
Achieving ISO 27001 Certification.pdf
 
Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches Importance of Information Security and Goals for Preventing Data Breaches
Importance of Information Security and Goals for Preventing Data Breaches
 
GDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliantGDPR and ISO 27001 - how to be compliant
GDPR and ISO 27001 - how to be compliant
 
BSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection cloudsBSidesSF talk: Silver lining for security teams in data protection clouds
BSidesSF talk: Silver lining for security teams in data protection clouds
 
Cissp Study notes.pdf
Cissp Study notes.pdfCissp Study notes.pdf
Cissp Study notes.pdf
 
nkp resume
nkp resumenkp resume
nkp resume
 
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach OccursHow to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
How to Connect Your Server Room to the Board Room – Before a Data Breach Occurs
 

More from Sandeep Kumar

Toyota Indus Final Report
Toyota Indus Final ReportToyota Indus Final Report
Toyota Indus Final ReportSandeep Kumar
 
Banking sector of pakistan
Banking sector of pakistanBanking sector of pakistan
Banking sector of pakistanSandeep Kumar
 
Impact of Thar Coal on Electricity Generation & Economic Growth of Pakistan
Impact of Thar Coal on Electricity Generation & Economic Growth of PakistanImpact of Thar Coal on Electricity Generation & Economic Growth of Pakistan
Impact of Thar Coal on Electricity Generation & Economic Growth of PakistanSandeep Kumar
 
Competitors review of Axe Deodorant
Competitors review of Axe DeodorantCompetitors review of Axe Deodorant
Competitors review of Axe DeodorantSandeep Kumar
 
Marketing plan of axe deodrant
Marketing plan of axe deodrantMarketing plan of axe deodrant
Marketing plan of axe deodrantSandeep Kumar
 
Honor Killing in Pakistan
Honor Killing in PakistanHonor Killing in Pakistan
Honor Killing in PakistanSandeep Kumar
 
Customers Retention Strategies project
Customers Retention Strategies projectCustomers Retention Strategies project
Customers Retention Strategies projectSandeep Kumar
 
Dawn Newspaper term report
Dawn Newspaper term reportDawn Newspaper term report
Dawn Newspaper term reportSandeep Kumar
 
Dawn Newspaper presentation
Dawn Newspaper presentationDawn Newspaper presentation
Dawn Newspaper presentationSandeep Kumar
 
Is audit and management term report
Is audit and management term reportIs audit and management term report
Is audit and management term reportSandeep Kumar
 
Types of buying decision behavior
Types of buying decision behaviorTypes of buying decision behavior
Types of buying decision behaviorSandeep Kumar
 

More from Sandeep Kumar (19)

Toyota Indus Final Report
Toyota Indus Final ReportToyota Indus Final Report
Toyota Indus Final Report
 
Banking sector of pakistan
Banking sector of pakistanBanking sector of pakistan
Banking sector of pakistan
 
Impact of Thar Coal on Electricity Generation & Economic Growth of Pakistan
Impact of Thar Coal on Electricity Generation & Economic Growth of PakistanImpact of Thar Coal on Electricity Generation & Economic Growth of Pakistan
Impact of Thar Coal on Electricity Generation & Economic Growth of Pakistan
 
Dysin automobile
Dysin automobileDysin automobile
Dysin automobile
 
John kennedy
John kennedyJohn kennedy
John kennedy
 
Types of followers
Types of followersTypes of followers
Types of followers
 
Coca cola beverages
Coca cola beveragesCoca cola beverages
Coca cola beverages
 
Coca cola beverages
Coca cola beveragesCoca cola beverages
Coca cola beverages
 
Existence of god
Existence of godExistence of god
Existence of god
 
Competitors review of Axe Deodorant
Competitors review of Axe DeodorantCompetitors review of Axe Deodorant
Competitors review of Axe Deodorant
 
Marketing plan of axe deodrant
Marketing plan of axe deodrantMarketing plan of axe deodrant
Marketing plan of axe deodrant
 
Honor Killing in Pakistan
Honor Killing in PakistanHonor Killing in Pakistan
Honor Killing in Pakistan
 
Axe deodorant
Axe deodorantAxe deodorant
Axe deodorant
 
Customers Retention Strategies project
Customers Retention Strategies projectCustomers Retention Strategies project
Customers Retention Strategies project
 
Dawn Newspaper term report
Dawn Newspaper term reportDawn Newspaper term report
Dawn Newspaper term report
 
Dawn Newspaper presentation
Dawn Newspaper presentationDawn Newspaper presentation
Dawn Newspaper presentation
 
Is audit and management term report
Is audit and management term reportIs audit and management term report
Is audit and management term report
 
Types of buying decision behavior
Types of buying decision behaviorTypes of buying decision behavior
Types of buying decision behavior
 
National food
National foodNational food
National food
 

Recently uploaded

Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...lizamodels9
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...allensay1
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfAmzadHosen3
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxpriyanshujha201
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting
 

Recently uploaded (20)

Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 

Pakistan refinery limited

  • 1. Group Members: Muhammad Sherjeel Shoukat - 19306 Sandeep Kumar - 20395 Maryam Hassan - 20653 Mahad Mehmood - 20426 PAKISTAN REFINERY LIMITED
  • 2.  Introduction:  Pakistan Refinery was incorporated in Pakistan as a public limited company in May 1960 and is quoted on Karachi and Lahore stock exchanges.  Its registered office is located at Korangi Creek Road, Karachi.  The company is engaged in the production and sales of Petroleum products.  The design capacity of the Refinery was 1 million tons of crude oil per annum, but was increased to 2.1 million tons per annum later.  The refinery is a hydro-skimming refinery, and produces high speed diesel, furnace oil, motor spirit, Naphtha, kerosene, jet fuels and liquified petroleum gas.
  • 3. Continue……  Its major customers are shell, P.I.A, and chevron.  Board of Directors:  Chairman: Farooq Rahmatullah Khan  Managing Director & CEO: Aftab Husain  Company Information:  Chief Financial Officer: Imran Ahmad Mirza  Acting Company Secretary: Shehrzad Aminullah  Auditors: A. F. Ferguson & Co. Chartered Accountants  Audit Committee Members:  Babar H. Chaudhary  Faisal Waheed  Muhammad Najam Shamsuddin  Saleem Butt
  • 4.  Audit planning table: Ranking Audit Area Time Frame Last Checked Responsibility 1 Hacking and violation of data 1 week 2016 IT consultant 2 Physical access 2 weeks 2014 Security department 3 Data Centre operations 8 days 2015 Data Centre Manager 4 System resiliency 4 days 2015 Data Centre Manager 5 Power and electricity 7 days 2015 On field manager 6 Fire 5 days 2012 Security department 7 Environmental controls 9 days 2013 On field manager
  • 5. Risk Assessment and Audit Engagement Risk Analysis: Inherent Risk: It is defined as that risk which is the nature of the business. Types of inherent risks: 1. Natural risk 2. Manmade risk 3. Power failure
  • 6. Continue…… Control Risk: It is the risk that occurs due to absent or weak internal controls to the data center. 1. Weak security controls Detection Risk: It’s the risk which the auditor can’t predict. 1. Violation of data within confidential zone
  • 7.  Objectives:  To make it sure that there is data backup available in case any destruction happens to their data center.  To check that are they using proper security measures for the physical security access and is there proper segregation of duty for data center.  To check that there is proper power and electricity backup available and are they working properly.  Examining proper fire extinguishers system availability and its effectiveness.  Examining proper cooling system of data center computers.
  • 8. Scope: TIME FRAME:  From 14 February to 19 April.  Divide our task properly to meet the goal of auditing data center. PLACE OF EXECUTION:  Data center  Security measures of the data center  The proper cooling system of data center room  Proper segregation of duty  Proper fire control measures
  • 9.  Constraint: WORKING HOUR CONTRAINT:  The working hour constraint was from 9am to 5pm, so after that the office in korangi was closed and we can’t get information after it. EMPLOYEE RELUCTANCE:  Fear of losing their job is also a constraint & because of that they didn’t share the information.
  • 10. Continue….. PRESENCE OF AN EMPLOYEE WHEN WE AUDIT DATA CENTER:  While accessing the data center & check the measures to protect data center security that ranges from fire, power and electricity, physical access and cooling system an employee was always present with us that never leave us alone to audit the data center independently. CONFEDENTIAL CONSTRAINT:  Employees will keep their confidentiality when asked about data center.
  • 11. Compliance and Criteria: The criteria of our audit plan will be on the following points: Audit according to ISO rules Inform P.R.L. about the objectives Security of the organization data center Free from any personal liking and disliking Confirm data center is properly secured Proper data backup system present Proper training of guards Proper cooling system
  • 12. Approach: Q: What our project Approach covers? Physical access control Data Center operations Power and electricity Fire suppression Environmental controls System resiliency Hacking and violation of data
  • 13. Checklist: What does checklist covers?  Fire control  Physical access  Capability of data Center personnel  Authenticity of personnel working for data center security  Testing of environmental control  Testing of power and electricity  Data backup availability  System resiliency  Hacking and violation of data