Manager - IT Audit

Job Purpose

Responsible for participating complex individual audit assignments adhering to GIA's quality standards as outlined in Internal Audit Manual.

Plays critical role in all phases the individual audit assignments viz. assignment planning, fieldwork and testing, discussion of the observations with the audit clients, obtaining corrective action plans, preparing draft and final audit report and monitoring rectification of audit observations through effective follow-up.

As Assignment In Charge for less complex audit assignments, leading & managing audit team members to ensure high quality standards. 

Additional Responsibilities:

Supporting Head of IT Audit in routine consultation services / special reviews relating to information technology and security areas such as (i) Investigations, independent review of (ii) System Change Requests, (iii) Product Programs, (iv) Policies and (v) Standard Operating Procedures and (vi) IT investment proposals being submitted to ITSC and drafting Investigation and Consultation Reports.

Key Accountabilities 

1. Recommends improvements to IT / Information Security procedures and ensures the implementation of instructions and controls covering IT/Systems Audit activity so that all relevant procedural/legislative requirements are fulfilled while delivering a quality, cost-effective service to customers.
2. Audit Plan: Plays an instrumental role in preparing IT audit plan (for SIB and its subsidiaries) for the approved high risk areas in order to  communicate to Management on adequacy of internal control systems for IT to mitigate the risk.
3. Audit Coverage: Leads less complex regular audits and/or small-scale audits (e.g. Spot Audits, Limited Scope Reviews, etc).
4. Preparation of Assignment Plan and audit programmes and performing visits to IT Division and other business areas of the bank as well as branches.
5. Conducts audits in line with audit steps laid down by the assignment manager, performs the checking of policies, systems and procedures in line with sound compliance and control standards.
6. Documents work in a neat and organized manner, in line with the Divisional policies.
7. Audit Reports: • Drafts audit observations and reports to be presented to Assignment In Charge / Assignment Manager ensuring that they are highlighting areas of concern and proposing remedial steps where appropriate, and
8. Proposing urgent action when needed.
9. Discusses the audit findings and recommendations with the Assignment in Charge and Participates in exit meetings with audit clients.
10. Follow Up: Conducts follow-up assignments, as applicable on audit findings implemented in order to improve internal controls.
11. Fraud Investigation: • Participates in investigation of identified fraudulent        activities involving systems, carries out necessary investigations and reports findings to Assignment In-Charge in order to take appropriate corrective actions.
12. Program change, pre and post implementation review of systems:

• Conducts review assignments for all the program changes performed by the ITD Division as applicable.
• Conducts the review of new system implementation from the audit and controls prospective, based on the applicable audit programs and guidance from Head of the department
• Updates and Research:
• Undertakes regular research and updates about the new technologies that are planned for implementation or that might help the bank and/or Group Internal Audit can benefit from.
• Reviews of new professional standards within the information systems audit fields, as well working towards implementation of these standards.
• Quality Assurance & Improvement Program:
• Participate in the Quality File Review (i.e. ongoing review of Working Papers) for the audits conducted by other departments within Internal Audit.
• Works in line with Bank policies and procedures and guidelines/plans set by Group Internal Audit.  Independent in managing day-to-day aspects of own area of work, highlighting deviations and critical issues to Head of IT Audit.

Qualifications:

1. Minimum Qualifications Bachelor: Business Information Technology, Computer Sciences, Networking
2.  Other Qualifications (If Any)  Professional qualifications such as CIA, CISA, CISSP etc.
3.  Computers/ Systems /Software Skills MS Office - IT Software – Intermediate
4. Knowledge of Islamic Banking principles
5. Minimum of 3-5 years of experience in the banking industry.
   

Language Skills:

•  Strong in both oral and written : Arabic & English.