IT AUDIT MANAGER
AL MASRAF BANK
مجموع سنوات الخبرة :18 years, 10 أشهر
Control Risk Assessment in all auditable areas of Bank’s IT Department using the aid of AutoAudit Software by ThomsonsReuters GRC System.
•Prepare Annual IT Audit Plan which includes preparation of Audit Timing and staffing using the aid of AutoAudit Software by ThomsonsReuters GRC System.
•Review and Approve customize audit programs/procedures for every engagement to test controls in holistic perspective that includes manual & automated and from Financial to Operations (compliance of Central Bank - UAE) perspective.
•Manage and Supervise Assurance audit, Internal Consulting and Due Diligence audit engagement.
•Perform Computer and Financial Forensics examinations for fraud cases and special investigation assigned/requested by Management and/or Audit Committee
•Conduct Admission-Seeking Interview and other structural interview technique for suspected and/or involved employees in fraud cases
•Perform other various data gathering techniques for establishing corroborating evidence for fraud related investigations
•Prepare Fraud examination report for management use or subsequent submission to CID-UAE
•Develop and managed Continous Audit Monitoning using Arbutus Analytics Tools. Performs Scripting and identification of red flags, errors and unususal system behavaior across the enterprise.
•Helped develop fraud response procedures in Al Masraf
•Conducts ISO27001 Information security review for Banks certification renewal.
•Conducts National Electronic Security Alliance (NESA) compliance audit for UAE Central Bank annual security evaluation requirements.
•Manage all outstanding IT audit issues and supervise follow up of status of audit issues for Board of Directors reporting.
•Manage the co-sourcing audit engagement with Big 4 firms that provides manpower to help out deliver the various requirements requested by the Audit Board Committee related to T24 Core Banking system.
•Conducts independent investigations for systems incidents and bank operations incident
•Conducts performance review for Audit Staff on regular basis.
•Conducts Opening/Exit meetings for auditees
FINANCIAL AND TECHNOLOGY RISK AUDIT
•Coordinates with Audit Director and Audit Manager to ensure a system is in place that provides guarantee about the identification and evaluation of all major auditable risks on an annual basis.
•Identifies major auditable area for Financial, Operation & Technology departments, on annual basis for proper monitoring of 3 years Audit Cycle.
•Organizes, plans and carries out the internal audit function such as executing special investigations, compliance of Distribution Centre Checklist and reviews the companies' internal control system.
•Prepares audit program for IT audit and Financial audit for Audit Manager’s presentation in opening meeting.
•Carries out SOLE responsibility for auditing IT Division of the company across Middle East and North Africa region.
•Helps other team for data mining and analysis using ACL tools.
•Performs review of Information Security Management Systems ISO:27001 to ensure compliance of certification requirements and maintains proper standard of IT process.
•Performs any other ad-hoc duties as assigned.
annual Control Risk Assessment in the critical departments from executive level down to operations level to identify High Risk in their Manual and IT processes.
•Prepared the Annual Audit Plan based on the result of the Control Risk Assessment gathered from various departments which includes preparation of Audit Timing and staff manning in one audit cycle.
•Developed audit programs/procedures for each engagement to customize the approach of examination and testing of controls in holistic perspective that includes the Manual and IT system of the process.
•Managed and closely supervise the execution of audit program for the internal staff.
•Managed the co-sourcing audit engagement with Big 4 firms that provides manpower that would help out deliver the control evaluation necessary for various in-house Application System and various modules of SAP and Great Plains Dynamics.
•Acted as the
The review ensures that all risks and possible audit issues were properly reported in the juniors’ auditor report.
•Performed analysis of cheque-kitting for demand deposit accounts.
•Performed behavior analysis of the detailed history of ATM savings account to detect ATM fraud transactions.
•Reviewed detailed history behavior of Time Deposit and High-interest-earning privileged accounts from opening of new accounts to frequent renewals to detect fraud and scams.
•Reviewed Anti-money laundering compliance procedure of the branch in terms of account opening requirements, clients’ pre-identification procedure and cash volume analysis of deposit-withdrawal transaction of each client per day.
•Designed a tactical approach of a surprise cash count in cash vault and teller’s cash box to be reconciled against audit book record.
•Consolidated Audit findings to serve as the basis of branch level discussion.
•Facilitated audit issue deliberation with the Branch Managers and Branch Operation Officers.
•Assisted the management in compliance to various government requirements.
•Conducted special audit engagement for reported fraud activities.
courses: Certified Information System Security Professional (CISSP),
CPA, CISA, CFE, CISSP