Head of Core Banking and Retail Systems Audit
- Salaire : Competitive
- Lieu de travail : Doha, Ad Dawḩah, Qatar
- Type de contrat : Plein-temps
- Entreprise : Qatar National Bank (QNB)
- Mise à jour le : 19 juin 18
QNB Group, the biggest bank in Qatar, and a leading financial institution in the Middle East and Africa, is looking to hire a Head of Core Banking and Retail Systems Audit, to meet the requirements of the expansion of its office in QNB - Qatar//Doha.
QNB Group's presence through its subsidiaries and associate companies now extends to more than 30 countries across 3 continents, providing a comprehensive range of products and services. The total number of staff is more than 28,000 operating from over 1200 locations.
The Head of Core Banking and Retail Systems Audit will provide inputs to the Principal Specialist Domestic & International IT and IS Audit for the development of the audit universe for information system audit activities entailing identification of the auditable entities for inclusion in the annual IT audit plan for Domestic & International Core Banking & Retail Systems. Further, the incumbent will be responsible for ensuring timely completion/ execution of the approved annual audit plan pertaining to his area and conduct of individual audit assignments in line with applicable best practices, including but not limited to the Standards for the Professional Practice of Internal Auditing (SPPIA), CoBIT principles and the System Development Life Cycle (SDLC) methodology.
The incumbent will not only be responsible for post-implementation review of the various information systems used by the Group to support the business but will also conduct/ oversee pre-implementation reviews for select systems (based on the risk assessment exercise) to ensure adequate system controls are built into the systems during the development stage itself. Besides, the incumbent may be called upon to conduct special reviews of select systems/ special assignments as and when required by his superior.
The above role will also extend to the related secondary responsibilities that will be assigned to the IT Audit team in terms of specific activities/ functions to be audited, in addition to the primary responsibility with respect to the information system audits.
- Assist the Principal Specialist Domestic & International IT and IS Audit in adding value by identifying through the individual reviews conducted, instances/ risks that entail probable financial loss or regulatory/ policy non-compliance that could result in monetary penalties/ reputation damage through the information systems audit/ review process and the performance of any related responsibilities that are assigned.
- Assist the Principal Specialist Domestic & International IT and IS Audit in identifying potential cost saving opportunities by highlighting process inefficiencies through the above-mentioned process.
- Assist the Principal Specialist Domestic & International IT and IS Audit in ensuring adequate coverage of the information systems and activities pertaining to IT and information security (and the assigned related secondary responsibilities to the IT Audit team as mentioned above) in the annual audit plan to provide assurance to the relevant auditee management, executive management. Group Audit & Compliance Committee and the Board on the adequacy and effectiveness of the internal controls in place within the respective system/ function/ area and add value to improve the functioning of the various systems in use/ activities performed by IT and IT security, as and where applicable.
- Provide timely feedback/ information to the Principal Specialist Domestic & International IT and IS Audit and in his absence, to the Chief Internal Auditor - IT and IS Audit, Follow-Up and Special Assignments on queries/ reports/ other correspondence received from the external auditors, Qatar Central Bank (QCB) and other external regulators to enable the latter to respond to the same in a timely and efficient manner, which pertain to the incumbent's area of responsibility.
- Liaise with the system development personnel within Group IT and the respective vendor personnel (where system are procured/ developed with external assistance) during the reviews of individual systems.
- Oversee on day-to-day basis, the individual assignments comprising the approved plan to ensure that these are being conducted in accordance with the best practices for internal auditing, including but not limited to SPPIA recommendations/ guidelines and CoBIT principles.
- Responsible for determining the existence and adequacy of the SDLC methodology during the review of select information systems and comment upon the same. Ensure that such reviews focus on determining whether test plans and test scripts were in place and actually used, whether testing conducted on the concerned system was adequate and whether all significant issues were resolved/ requirements of the concerned business users met and their sign-offs obtained before moving the system from the test phase to production.
- Ensure that the audit planning, fieldwork and reporting stages are conducted in consonance with the procedures/ guidelines contained in the internal audit manual, including but not limited to communications to relevant auditee management on audit commencement, presentation of draft reports to auditee management and obtaining their responses and holding of closing meetings.
- Oversee special audits/ reviews for investigation of problem areas or for certain specific reasons, as and when directed by the GCEO/ executive management or the Board.
- Review and adjust audit programs to be aligned with engagement scope and requirements and the related advances in best practices pertaining to the area under review.
- Perform first level review of all internal audit and other special assignment/ investigation reports and subsequent submission of the same to the Principal Specialist Domestic & International IT and IS Audit.
- Bachelor degree in IT or banking or other related subjects.
- Professional qualifications such as CISA/ CISSP / CIA / CA/ ACCA etc.
- Minimum of 8 years experience in IT audit function in a major bank or leading audit firm out of which 5 years in a managerial role.
- Excellent oral and written communication skills in English and Arabic (preferred).
- Proficient knowledge of CoBIT principles, IT security and related best practices, SDLC methodology
- Understanding of systems from the business perspective would be an advantage.
- Knowledge of Basel Committee best practices pertaining to the area of responsibility, especially with respect to Business Continuity Management (BCM), including Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).
Note: you will be required to attach the following:
1. Resume / CV