Manager - IT Audits (UAEN Talent)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
JOB PURPOSE: An Associate IT Audit Manager plays a crucial role in ensuring that an organization’s information technology systems and processes align with its objectives while meeting regulatory compliance and safeguarding against risks.
Key Skills for This Role
Full Job Posting
Job Purpose
- An Associate IT Audit Manager plays a crucial role in ensuring that an organization’s information technology systems and processes align with its objectives while meeting regulatory compliance and safeguarding against risks.
- The key responsibilities include:
- **Planning and Designing Audits:**
- Develop comprehensive audit plans that outline the scope, objectives, and methodologies for evaluating the effectiveness, efficiency, and security of IT systems and processes.
- **Risk Assessment:**
- Conduct risk assessments to identify vulnerabilities in the IT infrastructure, including cybersecurity threats, data integrity issues, and system availability risks.
- Based on these assessments, prioritize areas for auditing.
- **Performing Audits:**
- Execute audits according to the planned scope, including reviewing and testing IT controls, systems, and processes to assess their effectiveness.
- This often involves evaluating IT governance practices, security policies, access controls, disaster recovery planning, and operational procedures.
- **Reporting Findings:**
- Document audit results, including identified weaknesses or non-compliance issues.
- Provide clear, actionable recommendations for addressing these issues.
- **Follow-up and Verification:**
- Follow up on audit findings to ensure that corrective actions have been implemented effectively.
- Verify that recommendations are carried out and that the desired outcomes are achieved.
- **Advisory Role:**
- Act as an advisor to management on IT risk management, control, and governance processes.
- Offer guidance on enhancing IT frameworks, policies, and procedures.
- **Regulatory Compliance:**
- Evaluate the organization’s compliance with relevant industry standards and regulatory requirements related to IT, such as GDPR, ISO27001, ISR, SOX, HIPAA.
- **Collaboration and Communication:**
- Work closely with IT teams, external auditors, and other stakeholders.
- Effectively communicating audit findings, risks, and recommendations to both technical and non-technical audiences.
- The above is to be carried out across all EGA sites (JA, AT, GAC, ATA and EGA Subsidiaries) in the following IT functions:
- Industrial IT Systems (including SCADA systems).
- EGA SAP and other Corporate & Mobile Applications.
- IT Governance.
- IT Infrastructure (network, telecom, Data Centres etc.)
- Information Security (including cyber security).
- GRC Access and Process Control systems.
- Industry 4.0.
Key Accountabilities
- Mandatory ethical and audit standards prescribed by the IIA
- Embeds the ethical standards and the mandatory standards prescribed by The Institute of Internal Auditors (IIA) in the day-to-day operations. To that effect, he/she shall instruct/supervise/coach his team members about the aforesaid requirement
- For deviations brought to his/her attention, the job holder would take steps to resolve the issue. It shall be the responsibility of the position holder to keep the Senior Manager of Corporate & IT and Chief Internal Auditor (CIA) informed of the deviations reported and the steps undertaken to resolve the issue. Should it not be possible for the job holder to resolve the issue, he/she shall seek the guidance of the Senior Manager of Corporate and IT and CIA in this regard.
Departmental Policies, Processes & Procedures
Responsible for implementing departmental policies, processes, and procedures in all audits/risk assessments / day-to-day work conducted.
To that effect, he/she shall instruct/supervise/coach his/her team members with regard to requirements of the departmental policies and procedures as well as monitor adherence to such policy/procedure.
Deviations if any shall be brought to the attention of the Senior Manager of Corporate and IT and Chief Internal Audit (CIA) for corrective action.
Develop and maintain effective working relationships with management of the assigned domain and act as the key point of contact.
The Associate Manager shall ensure that he/she is aware of all changes in key personnel/processes/systems as well as emerging risks relevant to his/her domain arising out of changes in industry/market / legislation etc.
Risk Assessment And Audit Plans
- Develop and maintain effective working relationships with management of the assigned domain and act as the key point of contact. The Associate Manager shall ensure that he/she is aware of all changes in key personnel/processes/systems as well as emerging risks relevant to his/her domain arising out of changes in industry/market / legislation etc.
- Upon identifying such risk/changes, the Associate Manager shall inform the Senior Manager of Corporate and IT and assist in assessing the emerging risks and their potential impact on the audit plan and propose changes to the plan if required in order to prioritize the high-risk audit units.
- Lead the annual risk assessment process relating to the domain and assist the Senior Manager of Corporate and IT in prioritizing the high-risk audit units while preparing the audit plan.
Assessing Staffing Requirements
Assess the staffing requirements for planned and Adhoc audit assignments and advise the Senior Manager Corporate and IT on assigning personnel to audit assignments within the assigned domain.
Should the skillset required to conduct an audit not be available in-house, the Associate Manager shall assist the Senior Manager Corporate and IT to plan and execute co-sourced / outsourced audit assignments.
Managing Audit Assignments
- Shall have overall responsibility for independently conducting audits within the domain. To that effect, the Associate Manager’s responsibility shall include but not be limited to the following:
- Ensure that relevant portion of the audit plan approved by the ARC for the year is achieved and that audits are completed within the defined timeframe. Assist the Senior Manager Corporate and IT in analysing deviations beyond 10% of the allocated time and initiate corrective actions planned.
- Plan and scope audit assignments ensuring adequate audit coverage of audit units to most effectively utilize the resources in providing reasonable assurance regarding the control environment.
- Develop process flow charts, conduct the process level risk analysis, prepare the risk, and control matrix and assess the design of management’s internal controls.
- Develop the audit programs including procedures / audit approaches / data analysis for auditing new processes or modifying existing approaches to further enhance the audit coverage / effectiveness.
- Execute audit procedures most critical to the audit assignment while conducting the work to ensure that the specified audit objectives are met.
- Assist the other auditors in evaluating the IT system controls for the business audits.
- Identify control weaknesses, process improvement and cost reduction opportunities.
- Quality of Documentation
- Document the test procedures carried out and review the work done by the team members / co-sourced consultants on an ongoing basis in TeamMate / GRC, to ensure that the quality of audit file documentation meets the standards set in the Internal Audit methodology and the IIA’s standards.
Recommending Corrective Actions
- Recommend to process owners suitable corrective/preventive actions in order to mitigate/remediate the observations made and risks highlighted ensuring that all accepted recommendations are given clear implementation deadlines or clearly identified as not being accepted.
- Leads closing meetings with line and top management to obtain their buy in regarding the recommendations / corrective actions.
- Ensure that area managers and the Senior Manager Corporate and IT are informed in a timely manner regarding critical issues to enable quick correction and mitigation of further occurrences.
- Conduct monthly follow-up of audit recommendations and report on status of their implementation to the Senior Manager Corporate and IT.
Preparing Reports
- Review draft reports drafted by team members / co-sourced consultants to ensure that draft reports meet the quality standards required by IA Methodology.
- Deliver final versions of draft reports to the Senior Manager Corporate and IT after discussing with management and obtaining their buy-ins with regard to the observations and recommendations made.
Peer Review And Quality Certification
- The audits conducted/led and carried out by the Associate Manager IA shall be subject to peer reviews and quality assessments on a periodic basis. The Associate Manager would be responsible for implementing the recommendations made in the aforesaid assessments.
- The Associate Manager would assist the Senior Manager Corporate and IT and Chief Internal Auditor in achieving the periodic external quality certification.
Managing Co-Sourced And Outsourced Audits
+ Should the CIA in consultation with the Senior Manager Corporate and IT approve that an audit assignment in the Associate Manager’s domain be co-sourced/outsourced either due to unavailability of skillset in-house or resource constraints, the Associate Manager shall have the following responsibilities:
+ Prepare the request for proposal including technical specifications, areas / scope to be covered, deliverables, manpower required etc.
+ Assist the Senior Manager Corporate and IT in carrying out the technical evaluation of the proposals received.
+ Liaison with the external team and monitor the day-to-day progress of the audit assignment;
+ Assess the work done and the deliverables to ensure that the audit objectives are met.
+ Lead the closeout meeting with management to agree on the action plans; and
+ Document the observations in GRC so that these can be followed up later.
Management Requests And Fraud Investigation
- Conducts ad-hoc reviews based on management requests as directed by the CIA.
- Participates in the fraud investigations as and when called upon to do so by the CIA.
Safety, Quality & Environment
- Complies with all relevant safety, quality and environmental management policies, procedures and controls to ensure a healthy and safe work environment.
Qualifications & Skills
- University degree in Computer Science.
- Holding relevant professional certifications can be beneficial, such as:
• CISM (Certified Information Security Manager)
- These certifications attest to the manager's knowledge and expertise in IT audit and security domains.
- Keep up-to-date with the latest IT trends, risks, and technologies, as well as developments in auditing standards and regulatory requirements.
- Minimum 8 years of working experience, of which:
- At least 4 years experience in managing IT audits, and
- At least 5 years experience in Internal Audit.
- Exposure to managing/auditing Industrial IT systems in the mining or manufacturing industry would be an added advantage.
- Profile description:
- An Associate IT Audit Manager plays a crucial role in ensuring that an organization’s information technology systems and processes align with its objectives while meeting regulatory compliance and safeguarding against risks.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Emirates Global Aluminium (EGA)
Graduate Trainee - Finance
Dubai, UAE
Emirates Global Aluminium (EGA) offers an 18-month National Graduate Training Programme in Finance for UAE nationals. The program includes on-the-job training, technical skills development, and leadership competencies, p
Senior Associate - Outbound Logistics Commercial (6 Months Contract only)
Dubai, UAE
Emirates Global Aluminium (EGA) seeks a Senior Associate for Outbound Logistics Commercial on a 6-month contract. The role involves planning, scheduling, and monitoring logistics activities, developing commercial strateg
Associate Manager - International Payroll (UAE Nationals only)
Dubai, UAE
Emirates Global Aluminium seeks an Associate Manager for International Payroll to oversee payroll operations across multiple countries. The role requires 8+ years of payroll or finance experience, including 4 years in ma
Director - Safety
Abu Dhabi, UAE
Emirates Global Aluminium seeks a Director of Safety to lead the development and implementation of safety management systems across all sites. The role involves strategy development, governance, audits, and incident inve
Senior Director - Process Safety
Abu Dhabi, UAE
Emirates Global Aluminium (EGA) is seeking a Senior Director of Process Safety to prevent catastrophic events in aluminium smelting operations. This role establishes major hazard governance, critical control management,
Director - Midstream Safety AT
Abu Dhabi, UAE
Emirates Global Aluminium (EGA) seeks a Director of Midstream Safety to lead safety management systems across EGA sites in Abu Dhabi. The role develops, plans, manages, and audits safety programs to ensure compliance wit
Assistant System Controller - Energy (Qatar Pool - Based in UAE)
Doha, QAT
Emirates Global Aluminium (EGA) is seeking an Assistant System Controller to coordinate with the Control Room Engineer for safe and efficient generation of electricity and steam at the Jebel Ali site. The role involves m
Supervisor - Security (UAE National)
Dubai, UAE
Emirates Global Aluminium (EGA) is seeking a Security Supervisor to assist in implementing corporate security control and protection plans. The role involves overseeing day-to-day security operations, conducting investig
Graduate Trainee - Finance
Dubai, UAE
Senior Associate - Outbound Logistics Commercial (6 Months Contract only)
Dubai, UAE
Associate Manager - International Payroll (UAE Nationals only)
Dubai, UAE
Director - Safety
Abu Dhabi, UAE
Senior Director - Process Safety
Abu Dhabi, UAE
Director - Midstream Safety AT
Abu Dhabi, UAE
Assistant System Controller - Energy (Qatar Pool - Based in UAE)
Doha, QAT
Supervisor - Security (UAE National)
Dubai, UAE