IT Audit Manager
- Recruiter
- Ahli United Bank Plc
- Location
- Doha, Qatar
- Salary
- Competitive
- Posted
- 19 Mar 2018
- Closes
- 19 May 2018
- Job role
- Audit
- Sector
- Accounting - Public practice
- Experience level
- Manager
Role Overview:
The IT Auditor (who would be reporting to the Head of Internal Audit Manager) would provide the bank with an assurance on meeting compliance requirements and mitigation of identified operational risks by monitoring and testing the bank's technology controls. The personnel would also conduct and document IT audit projects as per the IA plan.
Responsibilities:
• Performing risk based assessments on the banks information processing systems located across multiple locations.
• Review the technology components and process responsible for supporting the bank's financial operations, not limited to data collection, secure storage and transactions.
• Coordinate with relevant stakeholders to plan and execute IT audits. The personnel should be capable to gather the required information, consult with required stakeholders and subject matter experts within the bank. The personnel would be required prepare suitable work papers (in accordance with IA department guidelines) to provide records of the work on audited segment
• Represent the department as necessary for any formal or ad-hoc technology risk analysis and aid in the identification and evaluation of applicable risks. Audit findings would need to be well documented highlighting the recommendations for correction of any recorded observations.
• As required, perform testing on information systems to evaluate the effectiveness of the controls in areas (not limited to) including:
o Security configuration review,
o Data backup and recovery,
o Disaster recovery,
o User access controls management,
o IT procurement
o Physical and environmental controls including Data Centre Security
o IT Governance
o Application Audits including core banking and other key applications
o Pre and Post Technology Implementation
o Application acquisition and implementation
o IT Policies and Procedures
o IT Infrastructure
o IT Service Management; and
o Data migration
• The personnel may be required to perform additional / special reviews at the request of any important stakeholders of the bank including but not limited to the following:
o Review design and effectiveness of controls around IT project implementations. To evaluate if IT projects undertaken are aligned with business goals & requirements and managed efficiently with no significant time or cost overruns
o Evaluate design and effectiveness of controls operating on key applications of the bank such as Core Banking, Card Management, Treasury and Internet Banking systems. Control areas such as data inputs, outputs, data processing, application security, customer, supplier etc. shall be evaluated for adherence to leading practices
o Evaluate and assess data migration controls including areas such as strategy, data conversion, mapping, data cleanliness, reconciliation methods, testing of data before migration, controls on handling confidential data etc.
• Participate in the communication and delivery of the audit report and for any required presentations (to communicate the results) required for the same. On requirements, presentations or sessions may need to be held for management and the audit committee.
• Ensure that recommendations are clearly presented to and agreed to by management and that a subsequent audit report is issued promptly.
• Track and monitor if agreed recommendations are subsequently implemented.
• Stay abreast of best practices both internally and externally and provide conduit for introducing those practices to the company