Position: Head of Domestic & International Core Banking & Retail Systems Audit
Entity: Group Internal Audit Division
Location: Doha, Qatar
Job Summary:
The role will not only be responsible for post-implementation review of the various information systems used by the Group to support the business but will also conduct/ oversee pre-implementation reviews for select systems (based on the risk assessment exercise) to ensure adequate system controls are built into the systems during the development stage itself.
The role will also extend to the related secondary responsibilities that will be assigned to the IT Audit team in terms of specific activities/ functions to be audited, in addition to the primary responsibility with respect to the information system audits.
Essential Duties & Responsibilities by Dimensions:
- Assist the Principal Specialist Domestic & International IT and IS Audit in adding value by identifying through the individual reviews conducted, instances/ risks that entail probable financial loss or regulatory/ policy non-compliance that could result in monetary penalties/ reputation damage through the information systems audit/ review process and the performance of any related responsibilities that are assigned.
- Assist the Principal Specialist Domestic & International IT and IS Audit in identifying potential cost saving opportunities by highlighting process inefficiencies through the above-mentioned process.
- Provide timely feedback/ information to the Principal Specialist Domestic & International IT and IS Audit and in his absence, to the Chief Internal Auditor – IT and IS Audit, Follow-Up and Special Assignments on queries/ reports/ other correspondence received from the external auditors, Qatar Central Bank (QCB) and other external regulators to enable the latter to respond to the same in a timely and efficient manner, which pertain to the incumbent’s area of responsibility.
- Assist the Principal Specialist Domestic & International IT and IS Audit in managing the relationship with the concerned executive management including the Chief Operations Officer (COO) and GM Information Technology (IT) and other divisional/ departmental management as applicable to obtain their inputs/ concerns on the various systems in use by their respective departments/ units and other IT and IT security related functions/areas, including in-house/ vendor assisted development of new systems/ major enhancements to existing systems, which could have an impact on the annual audit plan.
- Liaise with the system development personnel within Group IT and the respective vendor personnel (where system are procured/ developed with external assistance) during the reviews of individual systems.
- Provide inputs to the Principal Specialist Domestic & International IT and IS Audit in preparing an annual information systems audit plan (including related secondary responsibilities assigned to the IT Audit Team) for submission to the Chief Internal Auditor – Group IT Audit & Follow-up for his review, based on the risk assessment conducted for the various systems in use to support the business and the individual functions/ activities comprising IT and IT security.
- Implement and execute the plan approved by the Group Audit & Compliance Committee and ensure completion of the same within the assigned period as instructed by the Principal Specialist Domestic & International IT and IS Audit. Also responsible for submitting status reports on the various assignments in progress to the Principal Specialist Domestic & International IT and IS Audit explaining the reasons for the delay in completion of individual assignments, if applicable.
- Develop and implement appropriate risk assessment methodology/ parameters and criteria in consultation with the Principal Specialist Domestic & International IT and IS Audit to facilitate evaluation of the individual systems either already in use or under development and other IT and IT security related functions/ processes/ activities and related procedures based on the risk involved in the referenced function/ activity/ area and its potential impact on the Group’s objectives and strategy.
- Oversee on day-to-day basis, the individual assignments comprising the approved plan to ensure that these are being conducted in accordance with the best practices for internal auditing, including but not limited to SPPIA recommendations/ guidelines and CoBIT principles.
- Responsible for determining the existence and adequacy of the SDLC methodology during the review of select information systems and comment upon the same. Ensure that such reviews focus on determining whether test plans and test scripts were in place and actually used, whether testing conducted on the concerned system was adequate and whether all significant issues were resolved/ requirements of the concerned business users met and their sign-offs obtained before moving the system from the test phase to production.
- Ensure that the audit planning, fieldwork and reporting stages are conducted in consonance with the procedures/ guidelines contained in the internal audit manual, including but not limited to communications to relevant auditee management on audit commencement, presentation of draft reports to auditee management and obtaining their responses and holding of closing meetings.
- Oversee special audits/ reviews for investigation of problem areas or for certain specific reasons, as and when directed by the GCEO/ executive management or the Board.
- Review and adjust audit programs to be aligned with engagement scope and requirements and the related advances in best practices pertaining to the area under review.
- Perform first level review of all internal audit and other special assignment/ investigation reports and subsequent submission of the same to the Principal Specialist Domestic & International IT and IS Audit.
- Assist the Principal Specialist Domestic & International IT and IS Audit in the implementation and roll-out of the appropriate audit software procured by Group Internal Audit and its subsequent utilization.
- Submit performance appraisals on timely basis as per the laid down policy in this regard to the Principal Specialist Domestic & International IT and IS Audit.
- Review internal audit team work and challenges their understanding of audit areas and processes to assure adequate coverage.
- Monitor post-audit follow-up of audit reports and ensure compliance with recommendations.
- Assist the Principal Specialist Domestic & International IT and IS Audit in work load distribution and establishing a detailed budget for each phase of the audit/ assignment.
- Recommend temporary staff allocations for audits of international operations to the Principal Specialist Domestic & International IT and IS Audit.
- Act as a back-up for the Principal Specialist Domestic & International IT and IS Audit when the referenced person is on leave.
- Responsible for imparting training/ guidance to trainees who join the Group Internal Audit.
Education/Experience Requirements:
- Bachelor degree in IT or banking or other related subjects.
- Professional qualifications such as CISA/ CISSP / CIA / CA/ ACCA etc.
- Minimum of 8 years experience in IT audit function in a major bank or leading audit firm out of which 5 years in a managerial role.
- Excellent oral and written communication skills in English and Arabic (preferred).
- Proficient knowledge of CoBIT principles, IT security and related best practices, SDLC methodology
- Understanding of systems from the business perspective would be an advantage.
- Knowledge of Basel Committee best practices pertaining to the area of responsibility, especially with respect to Business Continuity Management (BCM), including Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).
- Proficiency in risk concepts, banking operations/ systems and any pertinent regulatory requirements related to his sphere of responsibility.
- Well-developed analytical and interpersonal skills.
- Self-motivated, eye for detail.
- Ability to motivate and lead subordinates.
- Ability to persuade others.
- Flexible team player and able to work and deliver under pressure.
- Working knowledge of Computer Assisted Audit Techniques viz. ACL.
Send resume to soor@jobs-n-jobs.com
Comments