QNB International Subsidiaries’ Oversight and Global Methodologies is responsible for high level oversight and reporting of the IT Audit functions in key International QNB subsidiary companies, in accordance with the principles defined in the QNB International Governance Model. This includes oversight of IT Audit standards and reporting across QNB Head Office and the subsidiaries with a view to ensuring consistency in coverage and reporting of risk.
QNB Subsidiary IT Audit Oversight responsibilities include:
Review and comment on subsidiaries’ annual IT risk assessment and IT Audit universe
Review and comment on subsidiary annual IT Audit plan alignment with risk assessment
Coordinate inputs to International subsidiary plans; for critical audits (as determined at start of year with Chief Internal Auditor; Global IT & IS Audit and GCAE)
Monitor Subsidiary progress against their IT Audit plans
Coordinate resources for audit reviews with PS Domestic & International IT & IS IT Audit such that SME resource is available for subsidiary IT audits, and vice versa when required
Coordinate periodically (e.g. every 2 years) and help execute a review of each subsidiary’s IT Audit Governance
Maintain familiarity with latest global trends in Methodologies and standards. Monitor use of IT Audit Methodologies across subsidiaries (COBIT, ITIL, SDLC etc.). Provide input to Subsidiary IT and IS Policies, making reference to QNB HO IT and IS Policies. Coordinate internal and external quality assessments for IT Audit across subsidiaries.
Keep abreast of regulatory requirements, for all relevant QNB jurisdictions, in respect of Information Technology, Information Security and IT Audit.
Maintain awareness of Global Audit Technology trends and make recommendations for use of technology; e.g. CAATS, AI, AMS (Audit Management Systems). Coordinate audit data standards across entities to promote common oversight and reporting. Provide direct support for maintenance of audit data on the QNB Doha Head Office Audit Management System.
QNB Head Office and International Branches IT Audits responsibilities include:
Responsible for executing specific IT Audit assignments (Infrastructure and Applications) as directed by the Chief Internal Auditor ; Global IT & IS Audit, in support of the Audit Plan for the Principal Specialist Domestic and International IT & IS Audit.
The incumbent will be conducting individual IT audit assignments/ reviews in accordance with the approved audit plan and making practical/ feasible recommendations for mitigating risks/ improving controls and processes. In doing the above, the incumbent will ensure adherence to internal auditing best practices, including but not limited to the Standards for the Professional Practice of Internal Auditing (SPPIA), CoBIT principles and the System Development Life Cycle (SDLC) methodology.
The incumbent will also assist in the post-implementation reviews of the various information systems used by the Group to support the business as well as pre-implementation reviews for select systems (based on the risk assessment exercise) to ensure adequate system controls are built into the systems during the development stage itself.
The above roles will also extend to the related secondary responsibilities that will be assigned to the IT Audit team in terms of specific activities/ functions to be audited, in addition to the primary responsibility with respect to the information system audits.