Post Job Free

Resume

Sign in

Auditor

Location:
Dubai, Emirate of Dubai, United Arab Emirates
Posted:
December 16, 2019

Contact this candidate

Resume:

JLT, Dubai, UAE

971-*********

ada25u@r.postjobfree.com

Resume

Rasha Rif’at Abdelrahman

Career Objectives:

Seek a challenging position within a dynamic environment and positive culture where I can grow and be an added value.

Summary:

A passionate GRC Consultant, IT & Internal Audit professional and project manager with a strong technical expertise and diversified experience in managing IT & Audit projects. having solid background in internal and IT audit, project management, agile methodologies, software development life cycle (SDLC), application administration, business continuity and DR, IT service management, team management, vendor management, information security management, governance, risk and compliance areas.

Participated in various projects resulted in successful delivery and improvements of business processes.

Strong professional with excellent leadership, conflict resolution, negotiation, presentation and communication skills with a proven ability to work effectively in a multicultural environment to create productive relationships with clients, vendors and staff.

Work Exprience:

June 2018 – November 2019 as a GRC Consultant.

Employer : Tahaluf Al Emarat Technical Solutions,AbuDhabi, UAE

Job Description :

Established the GRC framework in Tahaluf UAE, aligned the governance risk and compliance practice with strategic objective and operational model of Tahaluf.

Ensured compliance with policies and applicable legal and regulatory requirements.

Maintained Operational policies (Information Security,Procurement,HR,Finance) and procedure as per requirements.

Assessed, evaluated and developed the effectiveness of organization's governance, risk management and control processes for Tahaluf’s business units:

HCM: Hire to Retire (H2R) end-to-end business process.

Procurement: Procure to Pay (P2P) end-to-end business process.

Finance: Record to Report (R2R) end-to-end business process.

Conducted the process analysis and business understanding meetings with business owners (HR, Procurement, Finance, Information Security)

Performed the enterprise risk assessment for the internal audit planning purpose.

Performed fraud risk assessment and anti-fraud process evaluation.

Prepared audit work programs, risk and control matrices (RCMs), control self-assessments, process analysis and workflows documents for Tahaluf business units.

Created risk based internal audit and compliance plan covers Tahaluf business units.

Performed sampling techniques on extracted data and performed data analysis using IDEA9.

Conducted kick-off, ongoing and exit meetings with process owners and C-Suite to validate and accept reports.

Performed internal audit for IT & Business units, reported & finalized audit findings and created the final compliance\audit report with recommendations for business process improvement purpose.

Followed up with the business owners on action plans/risks remediations on a periodic basis.

Measured the governance risk and compliance key performance indicators (KPI`s) on a periodic basis.

Administered the RSA archer including user access management, data feeds, reports access, and developed dashboards and key performance measures.

Developed monthly compliance reports, reporting dashboards and key performance measures.

Investigated incidents and events that include potential business violations, data breaches, data leakage, brand reputational risks, malware propagation, system compromises.

January 2018 – May 2018 as a GRC Project Manager.

Employer : Tahaluf Al Emarat Technical Solutions, Dubai,UAE

Job Description :

Initiated GRC project kick off meeting, managed the GRC project from initiation to closing.

Defined project scope, goals and deliverables that support business goals in collaboration with senior management and stakeholders.

Approved detailed requirements of project scope to avoid unnecessary changes that may result in scope creep and affect deadline and budget.

Approved GRC project plan and milestones.

Held weekly meetings with project team to follow up with project progress.

Managed resources effectively and efficiently to ensure the budget and project plan objectives are met.

Prepared GRC project progress report to senior management on weekly basis.

Managed changes and created change log.

Managed risks and created register and risk response plans.

Communicated project risks and issues to relevant stakeholders and escalated where appropriate in line with escalation process when required.

Reviewed and approved project deliverables at the end of each stage.

Communicated with vendors, business owners and senior management with positive manners.

November 2006 – December 2017 as an IS & Internal Auditor, IT Project Manager.

Employer : Audit Bureau of Jordan, Jordan

Job Description :

Prepared risk-based audit plans and reports for audit projects of public Institutes.

Prepared Information Security audit plans based on international standards (ISO27001, NIST, PCI-DSS, GDPR, COBIT5).

Managed audit teams in their audit missions\engagements.

Performed the assurance program for the internal controls and risks of Audit Bureau’s technology network, identified the weaknesses in the systems network and created actions plan to prevent security breaches in the technology.

Planned and executed the internal audit procedures and prepared internal audit reports.

Supported the ongoing alignment of Information Security Strategy to business objectives.

Managed several projects in Audit Bureau regarding IT & Audit from initiating to closing.

Maintained the confidentiality, availability and integrity of information and information systems

Monitored, assessed, and analyzed the Audit Bureau ‘s IT& business risks and controls; indeed, reviewed and confirmed information and compliance with policies, procedures, and laws.

Conducted preliminary survey of the Internal and IT audit engagements; understood and documented the existing systems and processes.

Prepared audit program of the Internal and IT audit engagements.

Performed internal audit testing procedures, risk assessments, applied sampling techniques and developed informed conclusions from the testing results.

Identified gaps and weaknesses in the design and implementation of the Audit Bureau’ processes and Audit Bureau network.

Ensured that the approved audit objectives are met, and adequate coverage is achieved.

Ensured the sufficient and appropriate audit evidence is gathered and that supporting documents / audit documentation is complete in all respects.

conducted exit conference with the management before finalization.

Audited governmental tenders related to software industry and IT services in public ministries and supervised the final delivery of governmental IT Projects.

Supervised governmental procurement committees responsible for procurement activities such as tendering, proposals evaluation and source selection criteria to ensure fair competition and selection.

Worked within audit teams to create a solid information technology infrastructure and collaborating with governmental ministries to devise and put in place policies and procedures regarding network security issues.

Supported audit teams and helping them to become familiar with latest computer- assisted audit techniques (CAATS) and Data Analytics software such as IDEA9, ACL, SQL, Tableau, teammate...etc.

Participated in information technology and audit seminars and security events.

Reviewed service level agreements before signing them to recommend renewal and ensure compliance.

Prepared business cases, project charters, SOWs, and WBS and any documentation required for many projects.

Created detailed project plans regarding scope, schedule, resources, risks, vendors and communication.

followed up with projects teams to achieve required milestones within specified deadlines.

Communicated with projects stakeholders (end users, management, team, vendors) and provided them with help and guidance and worked on resolving any conflicts arose.

Managed risks from identifying to resolution (Risk Response Plan), created risk log and tracked arisen issues and risks and escalated when required.

Education:

University of Jordan, Bachelor of Computer Science, Grade: Good.

Certificates:

ITILv3, April 2013, AXELOS.

PMP, June 2014, PMI.

CISA, February 2017, ISACA.

ISO27001, October 2019, PECB.

Languages:

Arabic & English, Written & Oral.

Skills:

Professional in MS Office, MS Excel, Visio and MS Project.

Strong Analytical skills and able to thrive in a dynamic team environment.

Strong commitment and adherence to business ethics.

Solid leadership, communication, presentation& documentation, conflict management skills.

Demonstrated Knowledge with ERP& CRM applications.

Experienced with International Standard Reporting IFRS.

Skilled with data analytical, CAATs & Audit Software such as IDEA, ACL, SQL, Tableau, Power BI.

Training Courses:

International Organization for Standardization 27001 Lead Auditor. Strategic Axes, UAE.

Auditing in IT Environment, International Centre Information System and Audit, ICISA Noida, India.

IT Audit Course, National Audit Academy, Malaysia.

Teammate Audit Management Software, Audit Bureau of Jordan.

COBIT5, Audit Bureau of Jordan.

Auditing by IDEA9, Audit Analytics Software, Audit Bureau of Jordan.

Microsoft Office Project Management, Optimize Academy, Jordan.

Others:

References available upon request

Personal Details:

Marital status :

Nationality :

Single

Jordanian

Residency :

Abu Dhabi,UAE



Contact this candidate