Responsible for executing high quality audits, risk management over the IT infrastructure, applications and processes. Responsible for delivering high quality internal audit results under the direction of GRC management, including planning, performing IT risk assessments, and developing and executing test plans to assess design and effectiveness. Key focus areas are risk assessments, security assessments, business continuity and disaster recovery assessments, and review of internal controls, corporate policy, laws, and regulations, as they relate to the Company's electronic assets. Maintains all organizational and professional ethical standards and completes all internal audit work in compliance with the IIA & ISACA’s standards. Works independently under general supervision with considerable latitude for initiative and independent judgment.
Essential Duties and Responsibilities include the following. Other duties may be assigned.
Conduct the annual risk assessment overall for IT scope of all AZAQ’s entities and give report to GRC management for incorporation of results into overall GRC annual plan.
Executes specific IT projects established as per the annual GRC plan, develops audit objectives, scope, audit test plan, and procedures while ensuring alignment with audit standards, guidelines, and best practices.
Evaluate the security procedures and systems that govern the IT environment, reporting on such evaluation and suggesting recommendations where needed. Conduct departmental reviews to assess the extent of compliance with controls and procedures. Evaluate these controls for their adequacy and operational effectiveness. Keeps abreast of relevant business developments and evolving IT risk areas.
Leads and/or conducts complex engagements that are designed to assess the organization’s information technology (IT) risk exposure and recommend any needed enhancements to IT business systems, processes, and controls.
Participate in integrated financial and operational audits to evaluate automated application controls, critical system functionality, and other IT related areas of risk.
Contributes ideas and opinions to the GRC team by identifying relevant automated controls to include in an audit scope; designing audit programs/procedures to assess their adequacy, and assisting financial/operational auditors in applying IT audit principles and concept.
Provide support to other audit team for audits and consulting engagements for Oracle EBS, Sage, QuickBooks, SAP and Microsoft Dynamics application modules about risks and controls related to integrated testing, application controls, preventive control, detective controls, logical access control and SOD, and configuration setup controls.
Complete the Audit Work paper file at each stage of the audit process (from planning to get the audit program approved until the completion of the audit) to ensure progress is tracked. Prepare electronic work papers in TeamMate by the department’s standards and reviews work of peers.
Participate in information system testing as needed, whether such testing is destined to evaluate the effectiveness and controls around existing or newly implemented systems.
Participate as assigned in the deliberations of Committees working on special IT evaluation, development, or implementation projects.
Prepares comprehensive, well-written Internal Audit Reports summarizing the review results. Conducts closing meetings and presentation of IT audit results. Prepares audit summaries and reviews audit results with senior IT management providing observations and conclusions as well as identifies and communicates gaps and evaluates management action plans and related reporting.
Follows-up on status of prior IT audit recommendations to ensure that recommendations are implemented on a timely basis.
Prepare and deliver weekly/fortnightly/monthly audit reports related to project progress and update wunderlist.
Support the GRC department by participating in a variety of projects. Project may include, but are not limited to operations audits, infrastructure, network and applications reviews, pre and post implementation reviews of new IT systems/applications and vendor risk assessments.
Perform all TeamMate and Analyzer system administration and regular upgrade and migrations to new versions. Ensure that GRC systems have been back up and data secured.
Job Details
| Date Posted: | 2018-02-04 |
| Job Location: | Eastern Province, Saudi Arabia |
| Job Role: | Administration |
| Company Industry: | Management |
Preferred Candidate
| Career Level: | Management |
| Degree: | Bachelor's degree |
To apply for this job click here
Jobs in Saudi - career in Saudi - vacancies in Saudi-Senior IT Auditor - Ali Zaid Al Quraishi & Brothers-Jobs in Saudi - career in Saudi - vacancies in Saudi