Senior Auditor, IT (Industrial Digital)

Job description / Role

Job Purpose

Perform assigned audit engagements in the domain of Industrial Digital, from start to finish, inclusive of preplanning, wrap up activities ensuring application of risk and control concepts to scenarios encountered, and identify any potential issues within ADNOC and Group Companies.
Contribute in the capacity of SME, in the periodic Risk Assessments and development of the Risk-Based Work Plans focusing on Industrial Digital (ID) risks within ADNOC and Group Companies.

Job Specific Accountabilities (Part 1)

Internal Audit Plan
-Develop the audit universe to ensure it covers Industrial Digital (ID) risks in line with other D&T risk areas (such as TEchnology governance, process, IT/OT infrastructure, interfaces, resilience and cyber security) that could affect the ADNOC Business operations.
-Review and update the D&T audit universe specially for Industrial Digital.
-Develop and implement Industrial Digital Assurance Plan ensuring its alignment with organizational strategic digital initiatives and new technology rollouts and support other strategic initiatives (such as Infrastructure, OT, and Process enhancements) that impact the group-wide audit plans and oversee the execution to ensure it fulfills the objectives.
-Coordinate with AGCs and verify for adequacy of coverage of the ID universe and risks and ensure that AGCs audit plans incorporate the objectives of Group Assurance plans.
-Provide relevant business and technology insights into the current, emerging & potential technology issues, trends & opportunities affecting AGCs and BLDs. Provide input for the periodic reporting on Digital and Technology audit activities and performance relative to its plans, significant risk exposures, control/governance issues, and other related matters.
Audit Execution
-Perform audits, advisory engagements, and other influencing activities in highly technical areas of current/emerging technologies within ADNOC and Group Companies.
-Develop a detailed audit program / Risk & Control Matrix (RCM) for the assigned audit, including the objectives, potential risk, key controls, audit procedures, and the use of audit techniques and tools to evaluate governance, risks, and controls processes, and submit audit program to the management for review and approval.
-Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, statistical sampling method or others.
-Ensure that adequate working papers and all relevant information are continuously documented and updated in the automated Audit Management System in accordance with pre-defined templates and audit procedures.
-Identify, obtain, analyze and appraise related systems and evidentiary data/information.

Job Specific Accountabilities (Part 3)

Audit Reports
-Prepare an audit report with a conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems, and the efficiency with which activities are carried out. Recommend improvement options to rectify reported deficiencies for Department Manager's review.
-Recommend practical enhancements in Digital and Technology governance, risks, and control processes to assist in the achievement of the company's business objectives.
-Follow-up on replies to issued draft and final audit reports and review the adequacy of the corrective actions taken on audit recommendations/improvement options.
-Assist in the periodic reporting to the Audit Committee and Senior Management within ADNOC and Group Companies on internal audit activities, performance, significant risk exposures, controls/governance issues, and other related matters.
-Perform quality assurance activities on digital & technology components during the entire audit cycle by ADNOC GC auditors and service providers.

Job Specific Accountabilities (Part 2)

Coordination
-Assist the Secretary of the Audit Committee in arranging Audit Committee meetings, preparing the agenda and minutes of meetings (MOMs), and reporting on Corporate Governance Framework, General Controls, and other related issues as prescribed in the Audit Committee Charter within ADNOC and Group Companies.
-Conduct workshops or presentations to create awareness about IA function and demonstrate value addition across the ADNOC.
-Communicate identified issues with Internal Audit management to ensure potential high-risk areas of concern are addressed in a timely and effective manner.
-Provide professional advice on Group Companies' Audit Committee Charter, IA Charter and Technology Audit Methodology/Procedures. Provide assistance in the establishment of the Group Audit Committees/IA functions and related governance when assigned.
-Participate in initiating and coordinating the Group-wide specialized professional training programs.
-Conduct research and benchmarking to resolve audit issues, identify gaps and support IA function.
-Conduct workshops and presentations on dynamic and complex technology risks to the ADNOC Group Audit Council.
-Conduct advisory activities to improve the status of internal controls in the operational process of AHQ and AGC. Drive implementation of top-down initiatives that originate at the AHQ level, but implementation may span across the group.
-Challenge the status quo to bring continuous improvement over audit delivery.

Generic Accountabilities

Supervision
-Plan, supervise and coordinate all activities in the assigned area to meet functional objectives.
-Mentor and developed the assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective section objectives.
-Plan and supervise AGCs auditors on relevant skills and enable them to fulfil the audit execution of respective technology.
-Evaluate the performance and capabilities of the auditors in AHQ and Group.
-Oversee and manage the Guest Auditor program to ensure successful delivery of the audit scope and objectives.
Budgets
-Provide input for the preparation of the Function / Department / Section budgets, assist in the implementation of the approved Budget, and work plans to deliver Department objectives.
-Investigate and highlight any significant variances to support effective performance and cost control.

Policies, Systems, Processes & Procedures
-Implement approved Function/ Department/ Section policies, processes, systems, standards and procedures in order to support the execution of the work programs in line with Company and International standards.

Performance Management
-Contribute to the achievement of the approved Performance Objectives in line with the Company Performance framework.
Innovation and Continuous Improvement
-Implement new tools and techniques to improve the quality and efficiency of operational processes.
-Identify improvements in internal processes against best practices in pursuit of greater efficiency in line with best industry standards in order to define intelligent solutions for issues confronting the function.

Health, Safety, Environment (HSE) and Sustainability
-Comply with relevant HSE policies, procedures, controls, applicable legislation, and sustainability guidelines in line with international standards, best practices, and the ADNOC Code of Practices.
Reports
-Provide inputs to prepare MIS and progress reports for Company Management.

Generic Accountabilities (continue)

Internal Communications & Working Relationships

Internal
- Regular contacts with operational level management within all BLDs within ADNOC and Group Companies.
- Frequent contacts within ADNOC and Group Companies at all levels of Management up to SVPs/Directors with respect to audit programs, the conduct of the audits, audit reports, findings, and recommendations.
- Regular contacts with Management within the assigned ADNOC Group Companies up to Manager level with regards to the Group Company audits.
- Regular contacts with ADNOC Group Companies with respect to knowledge sharing of standards, frameworks, methodologies, policies, and processes across ADNOC and Group Companies.
- Participate in technology risk awareness presentations to senior management, including Group Companies' management and Audit Committees

External Communications & Working Relationships
- Occasional Contacts with Internal Audit Service Provider(s) to coordinate audit activities, when required.
- Occasional Contacts, as required, with Abu Dhabi Accountability Authority (ADAA) regarding government audits when required.
- Occasional Contacts with ADNOC External Auditors and other assurance providers to ensure adequate audit coverage and minimize duplicate efforts when assigned.

Requirements

Minimum Qualification

Bachelor's Degree in Computer Science or related Technology discipline or equivalent discipline.

Minimum Experience, Knowledge & Skills
- 8-10 years of relevant experience in D& T or IT auditing, with varied technology rollouts/automation experience to enhance oil and gas operations and their inherent challenges/risks in the context of corporate function.
- Expertise in developing or reviewing audit/security programs for emerging and new technology risks and challenges.
- Sound knowledge coupled with extensive experience in technology-related risks in emerging areas such as Cloud, Internet of Things (IoT), AI, Blockchain, automation etc.

Professional Certifications
- IT audit certification, CISA, is mandatory or willing to obtain within one year of joining.
- Other related certifications (CISM, COBIT, SANS, etc.) are preferred.
- Technical certifications (MCSA, CET, CCAK etc.) are desirable.

About the Company

We are one of the world's leading energy producers, and a primary catalyst for Abu Dhabi’s growth and diversification.

We operate across the entire hydrocarbon value chain, through a network of fully-integrated businesses, with interests that range from exploration, production, storage, refining and distribution, to the development of a wide-range of petrochemical products.

Since 1971, we have created thousands of jobs, driven the growth of a diverse knowledge-based economy, and played a key role in Abu Dhabi’s global emergence.

Today, we continue to look for new and innovative ways to maximize the value of our resources, pioneering those approaches and technologies that will ensure we are able to meet the demands of an ever-changing energy market, and continue to have a positive impact on the Abu Dhabi economy for generations to come.