Ibrahim AlFaifi

Head Of Internal Audit à Ministry Of Labor And Social Development - Saudi Arabia

• Arabie Saoudite - Riyad
• Je travaille ici depuis octobre 2019

Managing Internal Audit function

IT Audit Director à Al Rajhi Bank

• Arabie Saoudite - Riyad
• avril 2018 à septembre 2019

Managing IT Audit department.

IT Audit Manager à Al Rajhi Bank

• Arabie Saoudite - Riyad
• mars 2015 à mars 2018

IT Auditor à Communications and Information Technology Commission

• Arabie Saoudite
• juin 2014 à mars 2015

IT Auditor à Public Pension Agency

• Arabie Saoudite - Riyad
• mai 2012 à mai 2014

* Responsible for implementing and handling the IT Audit function in the PPA. Prepare and establish the IT Audit Methodology that covers Planning, Fieldwork and Reporting. Also, preparing all documents and templates required to perform the work such as: Annual Planning (as per Risk Based Methodology), Audit Program, Audit Report.

* Provide consultancy to the Business Continuity Committee and Information Security Committee.

* Performing some audit engagements such as IT Quality Audit, IT Management Structure Audit, Pension & Investment Applications Audit and evaluating the level of compliance with the ISO27001 requirements.

* Secretary of the PPA’s Audit Committee, and responsible for arranging the quarterly meeting, prepare the Quarterly Audit Report, and Audit Committee Report and recommendations.

* Supervision the IT External Audit activities.

Senior IT Auditor à Al Rajhi Bank

• Arabie Saoudite - Riyad
• mai 2011 à mai 2012

* Oversee the issuance and presentation of audit reports, observations, and other deliverables.

* Conduct risk assessment for the respective audit area with the related teams.

* Prepare and review audit program for respective audit area.

* Conduct opening meeting with clients before the start of the audit and conduct exit meeting with clients during finalization of audit report.

* Conduct discussion with clients during the course of the audit for any clarifications, for expediting the audit etc.

* Issue and discuss the audit report with the Head on IT Audit Department and related Audit areas.

* Monitor the progress and the status of the audit assignment against the agreed plan and also meet audit team in a regular basis and guide them.

Internal Auditor à Riyad Bank

• Arabie Saoudite - Riyad
• août 2009 à mai 2011

Examining, reviewing and evaluating IT related controls. This includes reviewing the following:
Physical Security controls to ensure that only authorized personnel are allowed to access a facility, resource, or information.
Logical Access to ensure that access is granted based on business need and make sure that user access review are performed in regular basis based on the criticality of the system and also based on Business Impact Analysis (BIA).
Change management processes/procedures to ensure that changes are authorized and they meet business requirements.
Source code/version control procedures to ensure the integrity of the program code.
SDLC process and procedure to ensure that IT projects are effectively managed.
Problem/Incident management procedure to ensure that operational processing errors/incidents are addressed and also to make sure that first line support are working effectively
Hardware/software configuration, installation and testing to ensure they have been configured & installed based on the standards.
BCP, BRP and backup to ensure the business continuity incase of any disaster.
Agreements e.g. SLAs, Escrow agreements and Non-Disclosure agreements (confidentiality agreements) to ensure they are in place.
KPIs / KRIs are identified and documented to ensure the success of the particular activities ant