Senior Auditor, IT (Digital Systems & Solutions)



Job Purpose

Perform assigned audit engagements in the domain of Digital Systems & Solutions (DS&S), from start to finish, inclusive of preplanning, wrap up activities ensuring application of risk and control concepts to scenarios encountered, and identify any potential issues within company and Group Companies.

Contribute in the capacity of SME, in the periodic Risk Assessments and development of the Risk-Based Work Plans focusing on Digital Systems & Solutions risks within company and Group Companies.

Job Specific Accountabilities (Part 1)

Professional Ethics
•    Assist in initiating/promoting the establishment and continuous improvement of the Corporate Governance Framework including Enterprise Risk Management, Corporate Code of Conduct, Ethics and Values.
Internal Audit Plan

  • Develop the audit universe to ensure it covers Digital Systems & Solutions (DS&S) risks in line with the other D&T risk areas (such as Digital governance, process, infrastructure, information systems/security, interfaces/connectors and emerging technologies) that could affect the company Business operations.

Audit Execution

  • Perform audits, advisory engagements, and other influencing activities in highly technical areas of current/emerging technologies within company and Group Companies.
  • Develop a detailed audit program / Risk & Control Matrix (RCM) for the assigned audit, including the objectives, potential risk, key controls, audit procedures, and the use of audit techniques and tools to evaluate governance, risks, and controls processes, and submit audit program to the management for review and approval.
  • Determine auditing procedures to be applied, including the use of Information Systems Audit Techniques, data analytics, statistical sampling method or others.

Audit Reports
•    Prepare audit report with conclusion, expressing professional opinions on the adequacy and effectiveness of risk management, control systems and the efficiency with which activities are carried out. Recommend improvement options to rectify reported deficiencies, for Section Head / Department Manager’s review.

  •  Recommend practical enhancements in IT governance, risks and control processes to assist in the achievement of the company business objectives.
  •  Follow-up on replies to issued draft and final audit reports and review the adequacy of the corrective actions taken on audit recommendations / improvement options

Job Specific Accountabilities (Part 2)

•    Assist in the periodic reporting to the Audit Committee and Senior Management on internal audit activities, performance, significant risk exposures, controls/governance issues and other related matters.

  • Assist the Secretary of the Audit Committee in arranging Audit Committee meetings, preparing the agenda and minutes of meetings (MOMs), and reporting on Corporate Governance Framework, General Controls, and other related issues as prescribed in the Audit Committee Charter within company and Group Companies.
  • Assist in the periodic reporting to the Audit Committee and Senior Management on Technology audit activities, performance, significant risk exposures, controls/governance issues, and other related matters within company and Group Companies within company and Group Companies.
  • Conduct workshops or presentations to create awareness about IA function and demonstrate value addition across the company.
  • Communicate identified issues with Internal Audit management to ensure potential high-risk areas of concern are addressed in a timely and effective manner.
  • Provide professional advice on Group Companies’ Audit Committee Charter,
    IA Charter and Technology Audit Methodology/Procedures. Provide assistance in the establishment of the Group Audit Committees/IA functions and related governance when assigned.
  • Participate in initiating and coordinating the Group-wide specialized professional training programs.

Job Specific Accountabilities (Part 3)

Generic Accountabilities


  • Plan, supervise and coordinate all activities in the assigned area to meet functional objectives.
  • Mentor and developed the assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective section objectives.
  • Plan and supervise AGCs auditors on relevant skills and enable them to fulfil the audit execution of respective technology.  
  • Evaluate the performance and capabilities of the auditors in AHQ and Group.
  • Oversee and manage the Guest Auditor program to ensure successful delivery of the audit scope and objectives.


  • Provide input for the preparation of the Function / Department / Section budgets, assist in the implementation of the approved Budget, and work plans to deliver Department objectives.
  • Investigate and highlight any significant variances to support effective performance and cost control.



Generic Accountabilities (continue)

Policies, Systems, Processes & Procedures

  • Implement approved Function/ Department/ Section policies, processes, systems, standards and procedures in order to support the execution of the work programs in line with Company and International standards.

Performance Management

  • Contribute to the achievement of the approved Performance Objectives in line with the Company Performance framework.

Innovation and Continuous Improvement

  • Implement new tools and techniques to improve the quality and efficiency of operational processes.


  • Provide inputs to prepare MIS and progress reports for Company Management.

Internal Communications & Working Relationships

  • Regular contacts with operational level management within all BLDs within company and Group Companies.
  • Frequent contacts within company and Group Companies at all levels of Management up to SVPs/Directors with respect to audit programs, the conduct of the audits, audit reports, findings, and recommendations.
  • Regular contacts with Management within the assigned company Group Companies up to Manager level with regards to the Group Company audits.
  • Regular contacts with company Group Companies with respect to knowledge sharing of standards, frameworks, methodologies, policies, and processes across company and Group Companies.
  • Participate in technology risk awareness presentations to senior management, including Group Companies’ management and Audit Committees

External Communications & Working Relationships

  • Occasional Contacts with Internal Audit Service Provider(s) to coordinate audit activities, when required.
  • Occasional Contacts, as required, with Abu Dhabi Accountability Authority (ADAA) regarding government audits when required.
  • Occasional Contacts with company External Auditors and other assurance providers to ensure adequate audit coverage and minimize duplicate efforts when assigned.

Minimum Qualification

Bachelor’s degree in computer science or related Technology discipline, or equivalent discipline.

Minimum Experience, Knowledge & Skills

  • 8-10 years of relevant experience in D&T or IT auditing / application domain (SAP/ GRC), with varied experience in oil and gas operations and their inherent challenges/risks in the context of corporate function.
  • Advance technical knowledge of enterprise/business applications landscape (SAP & GRC solution), operating system, process flows, database (Oracle / MS SQL) and underlined infrastructure.
  • Sound knowledge with relevant experience in technology-related risks in emerging areas such as Cloud, Software as a Service (SaaS), Access Management, digitalization and automation (RPA, IoT, Power BI) etc.. 
  • In-depth knowledge of DS&S processes, including, but not limited to, system/software development, infrastructure review, access-right management, and change management.
  • In-depth knowledge of International Professional Practices Framework for IT Assurance/IT Assurance Framework (ITAF) and other related frameworks/standards (e.g. COBIT, ITIL, OWASP, ISO27001, ISO20000) and their interpretation/application to IS/IT auditing practice.
  • Expertise in collecting and analysing complex data using data analytics tools, evaluating information and systems, and drawing logical conclusions.

Professional Certifications

  • IT audit certification, CISA, is mandatory or willing to obtain within one year of joining.
  • Other related certifications (CISM, COBIT, CDPSE, etc.) are preferred.
  • Technical certifications (SAP, GRC, RPA, MCSA etc.) are desirable

Work Condition, Physical effort & Work Environment

Physical Effort
Work Environment
Normally air-conditioned office environment, however exposed to prevailing weather conditions while in the operating sites / field visits.

Additional Details

Job Family / Sub Family: Governance/Audit

Close the popup

Apply Now

To apply for this job please visit