Manager - IT Internal Audit

The role of the Internal Audit Manager - ITIS is responsible for evaluation of the internal controls and risks of the company’s information technology and security. This role includes identifying the control weaknesses and creating an action plan to prevent security breaches in the technology. He/she is also responsible for executing internal audit assignments in accordance with the approved Annual Audit Plan. It is important to assume a lead role in managing the completion of IT&IS audit assignments under the direction of the Internal Audit Sr. Manager/Director.

Audit planning

• Carries out surveys of functions including: Background information, control questionnaire, benchmarking best practice and carrying out assessment activities in assigned areas to determine the nature of operations and adequacy of the system of control to achieve audit objectives.
• Identify the key control points of the system and risk exposures and draft the process map of the engagement and the control / risk matrix to structure the audit assignment.
• Plan the objectives, scope and procedures of the audit assignment (i.e. drafts terms of reference of the engagement).
• Determine the engagement approach including statistical sampling and the use of information technology.

Audit Execution

• Conduct the audit fieldwork and complete the control test sheet of the engagement (i.e. documents the test purpose, approach, work completed, materiality, management feedback, results and Conclusion).
• Identify and review control weaknesses and deficient conditions (via audit observations) and make the recommendations for correcting unsatisfactory conditions, improving operations and reducing cost.
• Complete audit documentation and file as required, ensuring that all records are in place, up to date and accessible to those who need to review the documentation.
• Identify and alert any red flag (fraud indicator)to the Internal Audit Director during the conduct of the audit engagement to ensure any fraudulent issues are dealt with promptly.

Audit Reporting

• Analyze activities in terms of potential risk and impact on operations, evaluates, communicates and confirms audit findings with the responsible officers of operations audited.
• Complete draft audit reports and documents to ensure accurate records of audits carried out.
• Assist the Internal Audit Sr. Manager in completing the clearance and obtaining the management responses

Follow-up Review

• Undertake follow up reviews of all recommendations on a monthly basis and seek verification and evidence from the business to assess if audit recommendations have been properly implemented and sustained.
• Carry out follow up reviews with the relevant management teams and reports the outcomes to the Internal Audit manager.
• Maintains and updates the internal audit recommendations database.

Annual Audit Plan

• Participate in preparations for the annual risk universe and assessment.
• Track assignment completion and complete audit times sheets and schedules

Governance Framework

Maintain effective working relations with the management team and Audit stakeholders.

• University degree in information technology, computer science, or any other related discipline.
• Partial completion of Professional Certificate in information technology (CISA, CISM, ITIL, CISSP etc…) is preferred.
• High proficiency in spoken and written Arabic and English.