Job Purpose:Leads the activities of the internal audit function. This include to determine whether the ICIEC’s risk management, IT, governance and internal control processes are adequate and ensures risks are appropriately identified and managed. The role holder will help the Corporation to implement its vision and mission by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. He/she will also identify opportunities for process improvements and value addition to organizational activities in order to protect and safeguard the Corporation financial and physical assets, prevent waste, abuse and misappropriations of resources, whilst ensuring compliance with ICIEC and the Group’s policies and procedures, all relevant regulations, laws, and standards.
Strategic & Operational Planning
• Involves with the formulation, development and implementation of the internal audit function’s guidelines and strategy in support of ICIEC and IDB Group’s goals and response to emerging key risk areas.
• Develops, implements and monitors the internal audit’s business plans, KPIs, budgets and objectives by providing regular reporting of the function’s activities and performance.
• Leads in the preparation, coordination and implementation of the yearly risk-based audit plan, in consultation with the IDB’s Group Internal Audit Department.
• Facilitates effective utilization of audit time budget to help complete the annual audit plan by the year-end.
• Contributes to identifying new opportunities and initiatives that enable the Internal Audit function to increase its impact.
• Continuously monitors and tracks the on-going performance and quality of it services and outputs, identifying and initiating actions for improvement and innovation.
• Researches and reviews reference materials and background information on risk management methodologies as a basis to assess whether or not the process used by ICIEC is appropriate and represents best practices for the industry.
• Technically leads audit assignments and perform risk assessment and prioritize risk areas to form the basis for annual audit plan.
• Communicates with the ICIEC’s management including, among other relevant departments/division and functions, the risk management function in order to identify, assess and prioritise risk areas for audit planning purpose.
• Executes and implements agreed audit recommendations by maintaining relations with audited departments in order to obtain access to their documentation, reports, systems and personnel.
• Identifies and evaluates significant risk exposures in the normal course of operations.
• Determines whether appropriate risk of failure in the management processes are in place, adequate and effective, and recommend improvementsand best practices.
• Provides assurance on whether ICIEC internal control and/or risk management process is sufficient to protect the assetsand recommend proper safeguards for their protection , and on-going operations of the Corporation and theGroup.
• Identifies the established objectives of a give business process, the risks to achieving these objectives, the controls to mitigate those risks, and the audit tests to ensure that such controls are in place and functioning adequately.
• Leads any special audit assignments or investigations mandated by the ICIEC’s Audit Committee or the CEO.
• Participates in formulating the overall judgement/opinion about ICIEC risk management process and system of controls to senior management and the Audit Committee.
• Conduct follow up audits to monitor management’s interventions.
• Follow up with Heads of departments (as applicable) to monitor and ensure that all corrective actions are implemented in accordance with the approved audit recommendations.
Audit Policies, Processes & Procedures
• Ensures an effective and efficient audit function by implementing and monitoring the implementation of new audit systems, processes, tools and methodologies that are aligned to IDB Group’s audit practices and global best practices.
• Monitors adherence to established or recommended audit procedures, methodologies, approach and systems and takes corrective action as necessary to ensure quality.
• Evaluates the adequacy and effectiveness of the controls to mitigate risks, encompassing ICIEC’s governance, operations, and information systems.
• Determines the business unit objectives, related risks, and management’s risk mitigation and control monitoring activities, in order to develop relevant audit procedures.
• Reviews general controls of IT Management to ensure that proper controls are in place. Ensure IT Management has adequate standards in place for system development, data centre operations & security, data base management & security, network administration and overall information security.
• Assesses Information security to ensure that information contained within workstations, servers, databases and IT system is accessible only by authorized personnel.
Nature of Experience:
• Experience in insurance market is necessary preferably in the Export Credit/ Banking Industry.
• Knowledge of global Internal Audit methodologies.
• Advanced knowledge of international Accounting and Auditing standards.
• Knowledge of Shariah Laws
Field of Study: Accounting, Finance and Economics
Academic Qualifications and Experience:
• Master’s Degree with 9 years of relevant experience
• Bachelor’s Degree with 12 years of relevant experience
Professional Certifications (preferable):
The Certified Internal Auditor (CIA), Certified Public Accountant (CPA), The Certified Management Accountant (CMA) or/and Certified Information Systems Auditor (CISA).
Salary will be determined based on relevant experience, professional certificates and academic qualifications.
• Technically leads preparation and analysis of audit reports, executive summaries etc. highlighting areas of risk and control and present recommendations on audit findings for review and action.
• Submits to the Chief Executive Officer and the Audit Committee the annual risk-based audit plan, audit activities report and report of follow up on implementation status of audit recommendations.
• Participates in committees when necessary as an observer
• Prepares ad-hoc reports as / when required.