Role Summary

The incumbent will endeavor to maintain familiarity with all technology trends, software and systems in respect of best practice IT Audit functions worldwide. This knowledge will be used to make recommendations to the CIA – Global IT & IS Audit and the Heads of IT Audit at QNB Overseas subsidiaries. Software and Systems would include, but not be restricted to: Audit Management record keeping and risk systems (e.g. the current Head Office Thomson Reuters eGRC Audit management System); data analysis systems, e.g. ACL, IDEA; Continuous Auditing systems including latest trends in Data Mining and Artificial Intelligence. 

The incumbent will help provide first line technical management and support of QNB Head Office Audit systems – the primary system will be the eGRC AMS, including technical set-up, customization of screens and data fields, maintenance of user and data security, and liaison with the vendor and Information Technology department. Other systems to be managed will include any data interrogation tools/systems (e.g. ACL) and the Audit server.

A key duty, in respect of the QNB International Governance model, is to help ensure consistency of audit data capture in systems and data sharing between the QNB Subsidiaries and QNB head office. The incumbent will therefore work closely with his technical counterparts in the QNB Subsidiary Audit functions to ensure that Audit Management systems are setup and customized to facilitate effective Audit reporting between Subsidiary and Head Office. Where required the incumbent will provide direct input to the choice of systems at both the subsidiary and Head of levels.

Role Description

• Responsible for supporting manager in the implementation and roll-out of the appropriate audit software procured by Group Internal Audit and its subsequent utilization.
• Execute on day-to-day basis, the individual assignments comprising the approved plan to ensure that these are being conducted in accordance with the best practices for internal auditing, including but not limited to SPPIA recommendations/ guidelines, CoBIT principles and best practice IT Security and IT Governance guidelines.
• Prepare the audit programs for any audits directly assigned and ensure the audit procedures adequately cover the area under review.
• Ensure that the audit planning, fieldwork and reporting stages are conducted in consonance with the procedures/ guidelines contained in the internal audit manual, including but not limited to communications to relevant auditee management on audit commencement, presentation of draft reports to auditee management and obtaining their responses and holding of closing meetings.
• Perform first level review of all internal audit and other special assignment/ investigation reports and subsequent submission as directed to the Chief Internal Auditor - Global IT & IS Audit.
• As part of individual system implementation reviews, determine whether test plans and test scripts are in place and actually used, whether testing conducted on the concerned system was adequate and whether all significant issues are resolved/ requirements of the concerned business users met and their sign-offs obtained before moving the system from the test phase to production. Review compliance with the approved SDLC methodology in this regard.
• Ensure the findings raised are factually correct and adequately reflect the deficiency/ non-compliance noted during the audit process.
• Monitor post-audit follow-up of audit reports and ensure compliance with recommendations.
• Participate in conducting special audits, and investigation of problem areas or for certain specific reasons, as and when directed by his superiors.
• Prepare draft reports on timely basis for submission to the audit/ assignment in-charge for his review.
• Conduct post-audit follow-up of audit reports and ensure compliance with recommendations.

Qualifications

• Bachelor degree in IT or banking or other related subjects.
• Professional qualifications such as CISA/ CISSP / CIA / CA/ ACCA etc.
• Minimum of 3 years’ experience in IT audit function in a major bank or leading audit firm.
• Excellent oral and written communication skills in English and Arabic (preferred).
• Proficient knowledge of CoBIT principles, IT Security, IT Governance and related best practices.
• Understanding of banking systems would be an advantage.
• Knowledge of Basel Committee best practices pertaining to the area of responsibility, especially with respect to Business Continuity Management (BCM), including Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).
• Working knowledge of Computer Assisted Audit Techniques.