Log In
Sign Up
Job Description
Job Description
JOB PURPOSE:
Participate as well as lead audits covering the activities and processes of Group Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration Projects across the FAB Group. Thorough understanding of business/ relationship aspects, Group Information Security , BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration control dynamics, risk management processes and the regulatory environment, both in UAE and other relevant jurisdictions where FAB operates. Provide assurance to Management by identifying weaknesses reporting and escalating significant Audit findings in a timely manner and agreed action plans to address the issues raised.
Act as the day to day contact with Management in Group Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration Departments influencing change through providing advice. Provide input to GIA on issues that have impact on the FAB Group as a whole. Conduct special investigations, reviews, additional tasks as and when required by GIA Senior Management. Share skills and knowledge with Audit teams. Utilize available GIA tools for completion of audits.
KEY ACCOUNTABILITIES:
This section shall not be customised to reflect accountabilities which may be unique to one role. Please use Section 5 to capture any accountabilities specific to the role which are over and above those mentioned in this section.
Strategic Contribution
Assisting in the audit of FAB Group’s Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration functions and related activities in the UAE, Group Subsidiaries and across the international network (functional).
Ensure that Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration audits are conducted in accordance with the objectives laid down in the Annual Plan and ensure that the work program is completed in an efficient and effective manner on or ahead of schedule. Inform Head of Audit of any potential delays and/or changes to the Annual Plan.
People Management
In undertaking audits:
Provide guidance and on the job training for junior colleagues and conduct knowledge sharing to facilitate achievement of team objectives and completion of tasks in an efficient manner which is consistent with operating procedures and policy.
Promote the organisation’s values and ethics in all activities within the team to support the establishment of a value driven culture within the bank.
Budgeting and Financial Performance
Monitor the financial performance of given areas of activities versus budgets and ensure all activities are carried out in line with the approved guidelines while promptly reporting on any variances to management.
Policies, Systems, Processes & Procedures
Execute to established GIA Policies, Guidance Notes, Procedures and Practice Notes in undertaking all tasks. Provide input to the development of GIA practices as per industry standards and regulatory expectations.
Review all the activities of the Units within Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration portfolio in all the jurisdictions in which they operate to define and maintain the Audit Universe. Coordinate with other teams to ensure efficient and effective coverage
Prepare and maintain a Risk Assessment of each of the Process Streams within the Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration and applicable subsidiaries (e.g. international entity) as identified in the Audit Universe. In this respect, work with the businesses to promote periodic self-assessment of risks and controls.
Establish/update and maintain Audit programs in the central audit management tool.
Conduct audits of the Processes within the Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration Projects and assess if:
o Divisional/Unit Line management have identified and classified the risks in their activities.
o Governance, risk management and control procedures are adequate, effective and efficient to reduce risks of errors, omissions and loss to acceptable levels at an acceptable cost.
o Improvements/enhancements to the governance, risk management and internal control structure are required.
o Data and transaction processing meets the required standards of reliability, integrity and availability.
o The Division’s/Unit’s assets are being safeguarded.
o The use of resources is efficient and effective.
o Draft audit worksheets/ audit report submitted by auditors are properly reviewed and finalized.
o Audit Worksheets/Audit report is discussed and finalized with GIA management/client within 3 weeks of completion of fieldwork. Negotiate with Unit management to agree a documented Management Action Plan to resolve the issues raised.
Continuous Improvement
Lead the identification of change through continuous improvement of processes and practices considering global standards and changes in the business environment which demand proactive action plans.
Relationship Management
Develop and maintain effective business relationships with all relevant external/internal entities and stakeholders with the highest standards of business ethics, whilst promptly attending to all critical issues in-order to ensure the services required by the organisation are delivered in the most effective manner.
Act as the Audit Business Partner for Line Managers within Group Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration Project teams and actively manage the relationship through regular meetings with Line Managers to promote this concept and identify emerging risks. Such meetings should also be used to discuss any material gaps between audit assessment or risks and controls and the businesses self-assessment.
Ongoing consultancy/advice is provided to Unit management from a governance, risk management and control perspective for improvements in their processes to ensure effective and efficient controls, on the basis of market best practices.
On an ongoing basis, ensure pending audit issues are followed up with Unit management and that all corrective actions are fully and properly implemented.
Conduct any investigations/special reviews assigned by Head of Audit/GCAO.
Reporting
Ensure that all functional reports are prepared timely and accurately and meet Group requirements, policies and quality standards.
Job Context
Specific Accountability
Maintain up to date knowledge and understanding of Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration control processes, CBUAE & other regulatory developments drive necessary changes in Audit plan/working programs.
Safeguard against potential loss and contributing to the Units/Departments systems and procedures, by reporting whether Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration governance & controls of FAB standards are effectively carried out and are efficient in the units/departments audited.
Review the Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration functions of the bank end to end and identifying areas of correction / improvement.
Examine and comment on the process for the early recognition of problems (if any) and their remedial management to minimise the loss.
Contribute towards the enhancement of relationship between GIA and stakeholders.
FRAMEWORKS, BOUNDARIES, & DECISION MAKING AUTHORITY:
Functions within the framework and boundaries of Group Internal Audit policies as well as overall organisational and governance frameworks.
Authorised to take decisions as per the approved authorisation matrix.
Qualifications
QUALIFICATIONS & EXPERIENCE:
Minimum Qualification
Bachelor’s degree in Information Technology or Information Security or hold an equivalent qualification from another field.
CISA Certification is essential and any additional relevant certifications such as CISSP, CISM & CSX.
Minimum Experience
Minimum 5 years relevant experience with an International Bank or Big 4. Internal Audit experience strongly preferred (but not mandatory).
Working knowledge of Information Security, BCM, Data Domain (Data Governance, Data Privacy, Data Analytics & AI) & System Integration activities and processes and associated risks.
Working knowledge of bank and audit policies and procedures, as well as Central Bank regulations, if relevant Self-directed, able to manage multiple tasks and ability to work under pressure.
Good problem-solving skills.
Self-directed, able to manage multiple tasks and ability to work under pressure.
Good analytical skills.
Good verbal and written communication skills.