The jobholder is responsible to conduct the audit work and assignments in the area of specialized audit, in line with the company’s policies, local and international regulation to mitigate any potential risk, ensure compliance and support the targeted continuous improvement.
This role includes; conducting the periodic Risk Assessments and development of the Risk-Based audit plans focusing on Business and Information Technology risks, implementing the approved audit plan for Borouge in order to ensure that internal control system for integrity and reliability of information technology is implemented and working efficiently and effectively, recommending corrective / preventive actions as required, working with high ethical standards. In addition to that, investigate alleged or suspected frauds, violations of laws, regulations, corporate policies or code of conduct, identifying and collecting digital / electronic evidences in a manner appropriate for forensic review, providing with analyses and reviews of fraud risk evaluations and in recommending the appropriate fraud risk response. And identifying and evaluating of potential fraud schemes & scenarios and provide the outcome to the line manager for review.
- Assist in the development of Annual Audit Plan (AAP) based on the results of risk assessment exercise focusing on IT risks.
- Participate in reviewing and updating the IT audit universe to ensure it covers all IT risks.
- Provide input for the periodic reporting on IT audit activities and performance relative to its plans, significant risk exposures, control/governance issues and other related matters.
- Examine and analyze records through executing audit program steps for the assigned audits.
- Develop a detailed audit program / Risk & Control Matrix (RCM) for the assigned audit including the objectives, potential risk, key controls, audit procedures and the use of audit techniques and tools to evaluate governance, risks and controls processes, and submit audit program to the management for review and approval.
- Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, statistical sampling method or others.
- Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures.
- Identify, obtain, analyze and appraise related systems and evidentiary data/information.
- Ensure that approved audit objectives have been met with adequate coverage of all relevant areas and sufficient audit evidence is obtained to support the conclusion and recommendations, in accordance with professional audit standards.
- Participate in conducting special reviews and undertakes administrative duties as directed by Manager Specialized Audit.
- Supervise audits in accordance with the approved RCM and professional standards on internal auditing.
- Identify high risk areas and key control points of the system to be reviewed.
- Perform investigations involving allegations of irregularities, fraud, corruption and other violations of the Company’s Code of Conduct as assigned by Manager Specialized Audit or the Audit and Assurance Function Management.
- Carry out investigations in a fair, objective, thorough manner and in compliance with relevant policies and regulations.
- Provide concise and timely updates on the progress of investigations and deficiencies identified.
- Follow-up with the Ethics and Compliance Committee secretary on the implementation of actions arising from investigation reports
- Maintain a log register of all complaints and reports received, investigated, outcome and decisions implemented
- Assist in coordination on forensic and other investigation requirements with appropriate stakeholders for proper resolution (e.g., Compliance Officer, Risk Management, Internal Audit, Legal, Human Capital, etc.)
- Maintain timelines of investigations being conducted, and provide time spent on various investigations and other activities through timesheets.
- Identify and collect digital / electronic evidences in a manner appropriate for forensic review and as directed by Line Manager.
- Apply cost effective and efficient Forensic Technology Solutions for electronic discovery of evidences
- Apply forensic accounting techniques in investigations related to illegal and fraudulent transactions in accounts and financial statements.
- Apply appropriate tools and techniques for identifying outliers / fraudulent patterns in structured and unstructured data.
Fraud Scenario / Framework
- Assist in developing new or reviewing an existing anti-fraud framework and in providing recommendations for improvement.
- Conduct a review on adequacy of fraud risks registers and effectiveness of controls approved by management to address fraud risks and assist
- Manager Specialized Audit in providing recommendations for improvement.
- Correlate information across multiple internal and external information / databases to identify fraud scenarios for review.
- Identify errors and derive meaningful patterns / fraud scenarios for review.
Documentation and Reporting (Audit Management System)
- Prepare audit report with conclusion, expressing professional opinion on the adequacy and effectiveness of risk management, control systems and the efficiency with which activities are carried out. Recommend improvement options to rectify reported deficiencies, for line Manager’s review.
- Recommend practical enhancements in IT governance, risks and control processes to assist in the achievement of the company business objectives.
- Follow-up on replies to issued draft and final audit reports and review the adequacy of the corrective actions taken on audit recommendations / improvement options.
- Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit and forensic / fraud investigation activities, performance, significant risk exposures, controls/governance issues and other related matters.
- Prepare clear, comprehensive and cohesive investigation reports and memoranda in a timely manner and present the findings and recommendations of the investigation for review and approval.
- Prepare presentations on outcome of forensic audits / investigations for presentation at the appropriate level of Management and to facilitate decision making on disciplinary actions
- Prepare working papers with supporting evidence to adequately document internal audits, IT audits, forensic audits / investigations performed
- Maintain all documentations and evidences on cases and incidents investigated in a secure place and access restricted only to authorized parties.
- Provide inputs for reporting the investigations to Abu Dhabi Accountability Authority.
- Conduct workshops or presentations to create awareness about Audit & Assurance Function (A&AF) and demonstrate value addition across the group companies.
- Coordinate with internal audit and prepare a log of fraud related alerts raised during Internal Audit / IT Audit assignments to identify and initiate detailed investigations.
- Develop additional audit steps to be performed to confirm existence of a fraud alert and submit for review and approval to Manager Specialized Audit.
- On assignment, suggest steps to review fraud scenarios / risks and the associated controls during routine internal audit engagements.
- Communicate identified issues with Internal Audit management to ensure potential high risk area of concerns are addressed in a timely and effective manner.
- Support Manager Specialized Audit in providing consulting services to the Departments / Divisions of the organization on developing an effective fraud detection programs.
- Assist in the preparation of Audit and Assurance Function monthly / quarterly / annual progress reports covering various areas including implementation status of Forensic Audit / Investigations Plan, budget, performance, investigation recommendation’s implementation status, department KPI status, areas of concerns requiring Audit and Assurance Vice President’s attention etc.