:JOB PURPOSE:To conduct and complete comprehensive IT audit and evaluation of management controls over Information Systems activities in order to ensure smooth and timely progress of IT audit programs according to annual audit plans, and in accordance with corporate strategies, policies, International IT Audit Standard and directives.Job Specific AccountabilitiesInternal Audit Planning
Prepares a comprehensive Risk Based IT audit program in close cooperation with Department Manager - Specialized Audit for reviewing and evaluating management controls over Information System Controls Environment, including hardware, software, applications and telecommunications concepts used in various divisions and departments, as per approved audit plan. Communicates findings to subordinates, discusses for correction and improvement
Participates in conducting preliminary review of IT areas to help establishing scope and develop audit plan. Reviews completeness, appropriateness and effectiveness of applications, embedded controls, processes, procedures and policies, and generates recommendations.
Analyses Information Systems embedded controls and follows up any systems development, acquisition and modification processes. Carries out general operations controls evaluation.
Assists in ensuring completeness, appropriateness and effectiveness of applications processes, embedded controls and procedures, analyses deficiencies in terms of potential risks along with recommendations. Follows up on audit findings and audit report with concerned departments senior staff and manager to ensure implementation of agreed corrective action plans.
Analyses administrative, financial and operational applications systems and related procedures, and makes recommendations to improve application systems security measures. Follows IT audit procedures as outlined in IT audit program, and verifies compliance with pertinent laws and regulations.
Conduct IT auditing activities during field in coordination with Senior IT auditor to ensure smooth and timely progress of audit programs.
Internal Audit Reporting
Prepares the draft IT audit report for Department Manager - Specialized Audit review, highlighting compliance status of concerned department/division, any non-compliance issues and shortcomings, along with the recommendations for necessary corrective action.
Follows up the implementation of corrective action by various audited departments/divisions, according to audit reports and corrective action plans, as agreed with the auditees. Reviews updating of Risk Based IT Audit Programs.
Performs assignments/ other IT audit related duties as and when assigned by Department Manager - Specialized Audit.
Updates IT Controls Audit Programs and prepares working papers and schedules for completed audits.
Physical EffortMinimal Physical effort, setting at the desk most of the time extensive use of computer.Work EnvironmentDuties are mostly performed in air conditioned office environmentRequirementsQUALIFICATIONS, EXPERIENCE, KNOWLEDGE & SKILLS:Minimum QualificationBachelor Degree in IT/ ISMinimum Experience & Knowledge & Skills
6 years of professional experience within IT audit
Strong verbal and written communication skills in English, knowledge of Arabic is an advantage
Working knowledge of IT networks, operating systems, databases, applications & IT General Controls
Working knowledge of Microsoft Office, especially Word, Excel and PowerPoint
Ability to work independently and as part of team
Critical Thinking & Analysis skills
Good knowledge on the internal audit, corporate governance and risk management
Professional CertificationsAt least one professional qualification/ certifications from IT Auditing associations (CISA, CISM, CISSP)