Mahmoud Elbagoury

- Established the Internal Audit Charter (IAC) that Covers the Internal Audit Department Purpose, authority and Responsibility, Reporting and Organization, Audit Universe, Role, Purpose, Objectivity and Independency and update it annually.

- Established the Internal Audit Department Objectives and Key Performance Indicators (KPIs). In addition to Internal Audit Job Profiles, Roles Objectives by level/grade and KPIs and update them annually.

- Established the Internal Audit Competency Framework (IACF) by covering ten core competencies: Professional Ethics, Internal Audit Management, International Professional Practices Framework (IPPF), Governance, Risk and Control, Business Acumen, Communication Persuasion and collaboration, Critical thinking, Internal audit delivery, Improvement and innovation and update it annually.

- Established the Continuous Professional Development Program (CPDP) for the Internal Audit Department employees by covering several dimensions including: Governance, Risk, Control, Ethics, Compliance, Fraud, IT and Interpersonal Skills reference to the International Standards for the Professional Practice of Internal Auditing (Standards).

- Established the Quality Assessment and Improvement Program (QAIP) for the Internal Audit Department by covering three dimensions: Positioning, People and Process in alignment with the International Professional Practices Framework (IPPF) of the Institute of Internal Auditors (IIA) and conduct the assessment annually, set an improvement annual action plan.

- Established the Internal Audit Capability Model (IACM) for the Internal Audit Department by covering six elements: Services and Role of Internal Auditing, People Management, Professional Practices, Performance Management and Accountability, Organizational Relationships and Culture and Governance Structure Process in alignment with the Institute of Internal Auditors (IIA) Capability Model. and conduct the assessment annually, set an improvement annual action plan.

- Conducted a Strategic Analysis and Risk assessment for the Group and developed the Risk-based Internal Audit (RBIA) Plan. In addition, aligned its wide Audit Universe adopting the APQC Retail and Distribution Business Process Frameworks.

- Established the Collaboration and Knowledge (C&K) Program for the Board of Directors and Senior Management by Sharing Best Practices, Researches, Studies, Frameworks, and Standards guided by a philosophy of adding value and maintaining a relationship with the Board of Directors and Senior Management as a trusted advisor.

- Established the Internal Control Integrated Framework (ICIF) for the Group based on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control Integrated Framework y covering three types of control objectives: Effectiveness and Efficiency of Operations, Reliability of financial Reporting and Compliance with laws and regulations. In addition to the five components of internal control: Control Environment, Risk Assessment, Control Activities, Information and Communication and Monitoring Activities.

■ Establish an internal audit function, or extend the scope of existing team.
■ Evaluate internal audit functions and provide co-sourcing, outsourcing services.
■ Lead Internal audit projects, Internal audit capacity building.
■ Conduct quality assessment review, train management and internal audit.
■ Provide Quality Assessment Review (QAR), Control Self-Assessment (CSA) and Governance, Risk and Compliance (GRC)
■ Provide early warning of problems so that Internal Audit can address control or transaction failures closer to the occurrence.
■ Enhancing the organization oversight capabilities and providing line management with better tools to manage day-to-day responsibilities.
■ Helps to improve the overall risk and control oversight capability through enhanced detection and monitoring.
■ Use of risk and controls knowledge, with emphasis on those that are industry-specific and compliance-driven.
■ Coach auditors and facilitate to resolve issues with customers and review audit work papers to assure clarity and well-organized documentation.
■ Prepare the Risk-based Internal Audit (RBIA) plans for clients.
■ Develop audit programs, working papers, and internal audit reports.
■ Design, execute and advise on the use of Enterprise Risk Management (ERM).
■ Identify, measure, monitor, report, and respond to risks across an enterprise in a way that is aligned with the enterprise’s objectives and risk appetite.
■ Provide Enterprise Risk Management (ERM) Design, Implementation and Enterprise Risk Assessment (ERA).
■ Assist management through the change management process.
■ Assess, evaluate and develop the effectiveness of organization's governance processes.
■ Develop solutions to close the gaps and enable change to minimize risks and maximize benefits.
■ Rationalize monitoring functions, governance and risk oversight.
■ Provide fraud risk assessment and anti-fraud process evaluation.
■ Drive Sarbanes Oxley Act (SOX) and equivalent regulations compliance.

■ Maintain and develop the annual Risk Based Internal Audit Plan.
■ Develop the operational, financial, IT and compliance audit scope.
■ Design and document risk and control matrix as well as audit work programs.
■ Conduct special assignments as requested.
■ Test process level control design and effectiveness.
■ Evaluate and provide reasonable assurance on the effectiveness of risk management, control, and governance structures.
■ Report risk management issues and internal controls deficiencies identified directly to the Head of Internal Audit.
■ Assess and identify opportunities to improve risk practices and ensure control activities are properly communicated and documented
■ Track the progress of audits; provides technical assistance to auditors in compiling, drafting, and completing audits and audit reports.
■ Ensure compliance with the International Professional Practices Framework (IPPF) & the International Standards for the Professional Practice of Internal Auditing Standards (IIA).

■ Tracked Cost and time plan for each engagement and compute gross margin.
■ Arrange meetings with key members of the engagement team during the planning phase.
■ Plan for Financial Statements Audit, Interim Review and Assurance Engagements based on the understanding of the clients’ business processes and in accordance with KPMG Audit Methodology.
■ Establishing the key audit objectives with appropriate Risk of Significant Misstatement in coordination with the Audit Director.
■ Ensure compliance with the audit, accounting, financial reporting standards, and regulatory requirements.
■ Communicate industry specific concerns to audit engagements.
■ Assess the sufficiency and integrity of evidence and conclusions reached on an audit by reviewing the working papers of Associates and escalate significant issues to the Audit Director and Partner.
■ Follow up unresolved audit issues.
■ Communicate audit progress and key findings in Engagement status meetings.
■ Assist clients in compliance with IFRSs, US GAAP, EASs as well as applicable laws/regulations.
■ Apply KPMG’s Client, Engagement Acceptance & Continuance (CEAC) & Sentinel requests procedures.