Internal Auditor

Full Job Description

Job Purpose:
Conduct Information System/ Information Technology audits as per the annual audit plan and the IIA Standards to facilitate the assessment of:

Effectiveness and efficiency of operations.

Reliability and integrity of financial and operational information.

Safeguarding of Company assets.

Compliance with laws, regulations, and internal control framework.

The design and the operational status of internal controls and other risk mitigation measures within all business processes subject to audit

The Enterprise Risk Management (ERM) process including Business Continuity management (BCM) process.
Dimensions:

Operating Budget: NA No of staff: No Direct Reports

Capital Expenditure: NA Other: NA

Key Result Areas:

Actively participate in the periodic risk assessment of corporate business processes in the development of strategic and annual internal audit plans to address the strategic internal audit focus.


Recommend changes to existing processes or implementation of new processes to facilitate business process improvements.

Explore alternatives to conventional approaches in business processes and respond with innovative solutions using research, intuition, and fresh perspectives to improve efficiency.

Identify potential IT risks and related information system issues by applying knowledge of information technology industry trends and the present IT environment. IT risks to be captured in the risk register.


Provide an educated opinion on the design and the operational status of internal controls and other risk mitigation measures.

Function as an internal business consultant particularly to provide governance advice for information system and business processes.

Identify new risks for inclusion in the corporate / department risk register.

Take part in major IT initiatives, transformation projects review of cyber-security systems and internal controls pertaining to Information system under development.

Plan, coordinate and manage each IT individual audit autonomously to achieve timely completion of the annual audit plan.

Develop the audit program for the assigned audit including the objectives, potential risk, key controls etc.

Assist the Technical and Support Internal Audit teams in the examination and analysis of records by executing the audit program for the assigned audits.

Assist the Technical and Support Internal Audit teams in finalizing the use of audit techniques, sampling methods etc.

Execute and / or assist in execution of assigned areas of the internal audit plan to achieve the timely completion of the assigned audit.

Execute Cyber and IT audit engagements in accordance with the approved audit program and ensures that audit objectives have been met to support the audit conclusions.

Assist Senior Internal auditors (Technical and Support) in finalizing IT audit observations with the relevant Auditees to ensure a collaborative audit process.

Participate in conducting special reviews and undertake administrative duties, as directed by the CAO.

Follow-up on the implementation status of agreed action points related to Cyber and IT on a quarterly basis with the relevant stakeholders, as directed by the CAO.

Assist the External Auditors and Auditors from the National Audit Office (NAO) to facilitate their review of the Company's management systems and financial statements by providing requested information/reports/assistance.

Proactively complete assigned trainings and identify the training needs for self-development to assist SIA / CAO in maintaining the adequate audit competencies in the department.

Provide on job training to departmental trainees to facilitate their development as future Auditors.


Job Context

As an integral part of the Internal Audit Department, the position of Internal Auditor- Cyber & Information system shall assist the Internal Audit team to provide an independent assurance over the soundness of the risk and internal controls framework to help the Board of Directors to discharge their governance and oversight responsibilities. The position works closely with CAO and business units.

In-depth understanding of the business culture, policies, procedures, systems, and processes to conduct the audits and proficiency in auditing and control practices is a prerequisite of the job. Proven ability in audit planning and execution, including risk assessment, process and control evaluation as well as maintaining integrity and an objective approach while conducting audits is a critical component of the job.

Provide on the job training to IA team to facilitate their development.

Communications and Working Relationships:

Internal
Communicate frequently with the Senior Internal Auditor- Technical on operational issues(escalation), audit process and for guidance on work related matters.

Interact with Auditee team and other applicable divisions within the organization during the audit process.


External
Assist the SIA during the communication with the External Auditors to provide periodical assistance during their annual review of the company s financial statements.

Assist the SIA during the interaction with the National Audit Court Auditors as directed on the audit issues.

Framework Boundaries, Decision Making authority and responsibility:

Working under the supervision of SIA and CAO, primary responsibility of the job holder is to execute and / or assist in execution of internal audit as per accepted auditing standards and industry best practices for identification and mitigation of the business risks. The job holder has access to Company s information during the audit field work. Therefore he/she is required to possess an elevated level of professional and personnel integrity to ensure confidentiality of the business information handled.

The job holder provides advice on internal controls and risk mitigation measures to Line Management related to management systems whether under development or fully implemented.

Takes independent decisions with respect to the execution of the audit field work.

The position is important, and the job holder is required to be vigilant as ineffective audit work would result in major deficiencies, weaknesses, errors and possibly fraud remaining undetected.

Knowledge Skills and Experience:

Bachelor s degree in Computer Science/Information Technology/Information Systems.

Professional Information system/technology certifications such as CISA, CPA, CISSP, CIA, CISM, CFE, CA, GSNA, MBA, PMP.

Minimum 5 years of Information System Auditing experience, preferably in a large organisation.

Knowledge of Enterprise Risk Management, Risk Based Internal Auditing (RBIA) and best practice auditing techniques.

Possess advance knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, change control, data privacy and business continuity.

Strong proficiency and skills with the database application, including Access and SQL, Microsoft office and other related technologies.

Ability to plan scheduled audit work and conduct analysis of work of a complex nature.

Sound knowledge of Microsoft Office Suite and Audit Command Language (ACL) audit software.

Ability to conduct meetings and make presentations to the Senior Management.

Excellent analytical skills, oral and written communication skills, and good interpersonal skills.

Good planning and organisational skills.

The ability to write clear and concise reports for a variety of audiences.

Excellent numerical and problem-solving skills.

• Oil & Gas

• Accounts
• Taxation
• Audit
• Company Secretary

• Internal Auditor (Cyber & Information Systems)

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at