Head of Internal Audit
Fawaz Abdullaziz Al Hokair & Co.
Total years of experience :23 years, 6 Months
- Manage the Internal Audit & Advisory Services as integrated audit services includes IT, Financial and Operational audit services to within Al Hokair Retail group such as Retail Key activities (Sales to Cash), Procure to Pay (AP), Build to Retire (Fixed Asset), Plan to Build (Inventory Management); Hire to Retire (HR & Payroll) and Financial Reporting (GL).
- Develop three years Strategic Risk Based Audit Plan and Annual Audit Pan for the Group activities.
- Prepare the Audit Committee Quarterly Reports and Annual Internal Audit Report.
- Develop the Audit Risk Assessment (Audit Universe and Risk Universe).
- Develop Internal Audit methodology, Internal Audit Charter and Audit Committee Charter according to IIA standards.
- Perform Quality Assurance Review (QAR) for IA Function.
- Prepare the Audit Committee Quarterly Reports and Annual Internal Audit Report.
- Review of Group’s polices and procedure such as IT Policies, HR Policies, Retail Policies and Financial Policies and Performing Gap analysis.
- Implement Continues Auditing technology for Revenue Assurance and Retail Operations
- Using ACL (Audit Command Language), IDEA and Teammate Analytics for Technical Review of data integrity and analysis used within various application systems.
- Full responsible of CCH Teammate Audit Management System administration and implementation (Teammate champion).
- Managing IT, Financial & Assurance / Operational Audit activities for all NAGHI group's automotive sector operations such as Vehicle sales (New vehicles and Used cars), after sales (Workshop and Spare parts) and Financial Services (Leasing and Installment) processes to ensure acceptable performance and compliance levels within NAGHI group.
- Develop Internal Audit methodology and Audit Charter according to IIA standards.
- Develop the annual Risk Assessment and annual audit plan for all business activities.
- Developing Integrated Audit Programs for all types of audit assignments in the group's operations covers Financial, Operational and IT audit and related controls.
- Performing the investigation in case of fraud or irregularities.
- Review and evaluate the IT General Controls and Application System Controls for SAP ERP, ADP Autoline Dealer Management System and AS/400 applications.
- Finalize audit reports and perform Follow up Review for the implementation of corrective action.
- Develop audit staff through proactive career planning and performing staff evaluation.
- Coaching and mentoring the audit staff for developing proactive career path for all staff.
• IT Risk Consulting
• IT Internal Audit Co/Outsourcing
• IT General Controls Review
• IT Application Risks and Controls Assessment
• Data Analysis and Control Assurance using ACL and IDEA
• IT Compliance and ISMS Implementation (PCI, HIPAA, ISO 27001)
• Cyber Maturity Assessment and IT Capability Assessment (COBIT, KPMG CMA)
• IT Security Policies, Security Strategy and IT Governance
• Contingency planning for Disaster Recovery and Business Continuity Management planning
• Information Security Assessment (Vulnerability Scanning, Penetration Testing and Configuration Review) and Computer Forensics
• IT System Selection and Vendor Selection
• IT due diligence
- Performed various Financial Audit, IT audit and Operational audit assignments of various companies & operations of ALJ group such as new vehicle sales and after sales operations (service workshops and spare parts), retail centers, community services, or real estates.
- Reviewed and evaluate the Operating System Controls for Windows, Unix, Novel, OS/400.
- Reviewed the Application System Controls for Oracle Financials & Oracle HRMS and AS/400 application.
- Using ACL (Audit Command Language) and IDEA for Technical Review of data integrity and analysis used within various application systems.
- Involved in turning around the IAD scope from traditional control based to Risk based audit.
- Involved in managing and coordinating the External Quality Assurance Review (QAR) for the department (first time in ALJ history) performed by Deloitte - Dubai office.
- Full responsibility of TeamMate Audit Management System (Responsible for Administration and Technical Implementation).
- Was responsible of develop and manage the website for the IA department.
•Provide risk based audit for KPMG Egypt Clients
•Performing risk-based IS audits, including
1.IT General Controls review to evaluate the design and implementation and test the operating effectiveness of the following:
Access to programs and data
Program Changes
Program Development
Computer Operations
End-User Computing
2.IT Application Controls review to test key application controls supporting business processes. This includes identifying key risks that may affect the business process and evaluate the design and implementation and test the operating effectiveness of the automated controls that mitigate these risks. Mainly we test the following automated controls related to a business application:
System Access and Authorization.
System Interface and Data Migration.
Edit/Exception Reports.
System Configurations and Account Mapping.
•Performing Security audit and evaluated Controls over operating systems, applications and databases
Information System administartor