- Abu Dhabi
Alaa Obeid is an Assistant Manager with ARDENT Risk Advisory Practice, with 13 years of experience specializing in providing Risk Management, Internal Audit, Financial Audit, Corporate Governance, Quality Assurance & Improvement Programs (QAIP), Quality Assurance Review (QAR), Compliance Audits, Financial Analysis, Policies & Procedures, and Process Reengineering Services to governmental and private clients within UAE and GCC countries.
Prior to joining ARDENT, Alaa has worked with Protiviti Middle East for 10+ years and Al Sharid Auditing and Management Consultancy for more than 2 years.
Service Line/ Product Expertise/ Industry
- Risk Advisory
- Managed and perform internal audit assignments by using the risk base audit approach for several governmental and private clients specialized in different industries, such as and not limited to production and manufacturing, retails, charity, governmental, construction, hospitality, healthcare, tourism, transportation, and financial services etc.
Where Alaa has performed and conducted several audit assignments related to corporate governance, manufacturing and production, retails, sales & marketing, finance (including budgeting & forecasting, payables, receivables, payroll, costing management, collection, cashflows and projections etc.), strategic planning and performance management, project management, facility management, property management, procurement & contract management, supply chain and inventory management, logistics and operations, fleet management and maintenance, human resources (including recruitment, payroll, employees relation, training and development etc.), health care services (such as outpatient, inpatient and ER units, radiology and laboratory units), environment health and safety etc.. All the services were done in accordance with the methodologies and standards adopted by the related organization.
- Perform a QAIP project for government client, where the responsibility was to review the internal audit department activities to evaluate its performance and its conformity with IIA standards and define the internal audit department maturity. The scope of work was to:
- Review the Audit Committee Charter, Internal Audit Charter, Internal Audit Framework and Manual to ensure its compliance with IIA standards.
- Prepare QAIP surveys and issue it to the relevant the stakeholders (such as Audit Committee Members, Internal audit staff and Senior Management) to receive their inputs and insights regarding the Internal Audit Department in implementing its activities.
- Perform QAIP interviews with the relevant the stakeholders (such as Audit Committee Members, Internal audit staff and Senior Management) to receive their inputs and insights regarding the Internal Audit Department in implementing its activities.
- Review the Internal Audit Files to ensure its accuracy, adequacy, and completeness, in addition to its compliance with IIA standards.
- Review the Internal Audit Staff experience, qualifications, and skills.
- Prepare the QAIP report by Identifying nonconformity with the IIA standards, improvement opportunities (etc.).
- Identify level of maturity for the Internal Audit Department.
- Support the Internal Audit Department to prepare itself for QAP reviews.
- Managed and perform departmental risk assignments to review, update and modify the organization risks, and developing the risk base internal audit plan for several governmental and private companies specialized in production and manufacturing, retails, healthcare, education, animal welfare, charity, financial services and quality and conformity services (etc.). The scope was to:
- Identify the departmental risk and controls and prepare / update the risk registers accordingly.
- Perform control testing to evaluate the controls effectiveness based on its design and implementation.
- Identify the overall risk rating and control rating.
- Identify the process gaps and prepare the diagnostic report.
- Develop the risk base internal audit plan.
- Managed and perform Enterprise Risk Management assignments by using the “TOP Bottom” approach and “Bottom Top” approach to review organizations processes several governmental clients specialized in financial services, healthcare, technology etc. The scope work was to:
- Identify organization’s major / high risk and its mitigation plan.
- Identify a process for monitoring the high-level risks and implementation of its mitigation plan.
- Prepare the diagnostic reports.
- Prepare the Internal Audit Plan for each high-level risk.
- Consulting Management
- Led and performed projects to develop, review, update policies, procedures, SOP’s, and processes for several governmental and private clients specialized in manufacturing & retails, insurance, utilities, petroleum, and financial services (etc.) in UAE and Kingdom of Saudi Arabia (KSA).
- Identifying, documenting, reviewing, and modifying the existing policies, procedures, and processes.
- Review and modify departmental roles, responsibilities, and delegation of authorities.
- Develop new policies, procedures, and process
- Establish new departments and committees and identifying their policies, procedures, and processes, in addition to their departmental roles and responsibilities.
- Preparing and developing gap analysis / diagnostic report.
- Develop organization high-level / governance policies.
- Prepare / Update policies, procedures, SOPs’ manuals, frameworks, templates, etc.
Where the scope was to perform:
- Information Technology Audits
- Managed and perform IT audit assignments by using the risk base audit approach for Information Technology Department related to several governmental and private clients specialized in charity, healthcare, production, and manufacturing, etc. Where the scope was to review
- The effectiveness and efficiency of Department policies, procedures, roles & responsibilities,
- The effectiveness and efficiency of IT systems and its integration with other IT systems.
- Reporting mechanism.
- Review of system and applications configurations
- Review the efficiency and effectiveness of systems monitoring procedures.
- Review system access rights.
- Review system management reports.
- Review Database management process.
- Review Disaster recovery and backup procedures.
- Performed audit assignments to review the accuracy and adequacy of user access management for several government and nonprofit / charitable organizations. Where the scope was to review:
- Policies, procedures, guidelines,
- Employee’s job roles and responsibilities, Job descriptions.
- Reporting mechanism.
- Access Rights Configuration Procedures
- Activation / Deactivation / Modification of access rights
- Access rights monitoring and reviewing procedures.
- Access Management System
- Conducted reviews for the ERP systems used by several processes such as, human resource, finance, manufacturing and production, membership and documentation services, procurement, inventory management, etc. Where the scope was to review:
- Review the effectiveness and efficiency of IT systems.
- Review the IT systems compliance with actual procedures and processes.
- Review the integration between different systems / different system modules.
- Review the efficiency and effectiveness of the reporting mechanism.
- Financial Reviews
- Financial Analysis Review:
Performed financial analysis review projects for private client specialized in manufacturing industry.
- Revenue Audit:
Handled revenue audit projects for several clients such as Ministry of Finance and Abu Dhabi Tourism and Culture Authority, Abu Dhabi Media Company.