Industry: Construction/Cement/Metals

Functional Area:
Accounts, Finance & Financial
Services
Total Position: 1
Job Type:
Full Time/Permanent (First Shift
(Day))
Department: Al-Rashed Head Office
Job Location: Khobar, Saudi Arabia
Nationality: Saudi
Gender: Male
Age: 22 - 35 Year
Maximum Education: Bachelor's Degree
Degree Title: M I S
Career Level: Entry Level
Minimum Experience: Less than 1 Year
Salary Range: SAR. 5,000 - 6,000/Month
Apply By: Aug 25, 2014
Job Posting Date: May 26, 2014



Job Description:

Undesrtand the Functionality/Business activities performed using the ERP and other
software.
Examine the data warehouse structure to determine the best tables and columns that
contain the important information.
Gathering, analyzing and assuring quality of the data to meet audit requirements. This
includes perform complex data analytic procedures on a diverse scope of problems.
Document the analytic results in a way that can be understood and used for audit purposes.
Assist in redesign existing audit process to maximize efficiency and improve the
effectiveness of audit procedures.
Performing an ERP Assessment to determine how the ERP is utilized and identify
opportunities for generating additional value (missed opportunities).
Perform information security risk assessment and recommend system based controls.
Create cyclical reporting packages and create methodology for regular / continuous auditing
of data.
Perform other tasks as assigned by audit management.

Standards
Audit Reports
Certifications
CA
Practice Areas
Data Analysis Procedures

Once you have selected the topic of the research and have gone through the process of
literature survey, established your own focus of research, selected the research paradigm and
methodology, prepared your own research plan and have collected the data; the next step is
analysis of the data collected, before finally writing the research report.
Data analysis is an ongoing activity, which not only answers your question but also gives you the
directions for future data collection. Data analysis procedures (DAP) help you to arrive at the
data analysis. The uses of such procedures put your research project in perspective and assist
you in testing the hypotheses with which you have started your research. Hence with the use of
DAP, you can
convert data into information and knowledge, and
explore the relationship between variables.
Understanding of the data analysis procedures will help you to
appreciate the meaning of the scientific method, hypotheses testing and statistical
significance in relation to research questions
realise the importance of good research design when investigating research questions
have knowledge of a range of inferential statistics and their applicability and
limitations in the context of your research
be able to devise, implement and report accurately a small quantitative research
project
be capable of identifying the data analysis procedures relevant to your research
project
show an understanding of the strengths and limitations of the selected quantitative
and/or qualitative research project
demonstrate the ability to use word processing, project planning and statistical
computer packages in the context of a quantitative research project and report
be adept of working effectively alone or with others to solve a research question/
problem quantitatively.
The literature survey which you carried out guides you through the various data analysis
methods that have been used in similar studies. Depending upon your research paradigm and
methodology and the type of data collection, this also assists you in data analysis. Hence once
you are aware of the fact that which particular procedure is relevant to your research project,
you get the answers to:
What kinds of data analysis tools are identified for similar research investigations? and
What data analysis procedures should you use for your purpose?
There are numerous ways under which data analysis procedures are broadly defined. The
following diagram makes it evident.


There are, in fact, a number of software packages available that facilitate data analysis. These
include statistical packages like SPSS, SAS, and Microsoft Excel etc. Similarly tools like
spreadsheets and word processing software are multipurpose and very useful for data analysis.
The following links are useful for getting to know more about data analysis procedures and
packages.
Multivariate Statistics: concepts, models, and applications by David W. Stockburger WWW
Version 1.0 First Published July 1997 Revised March, 1998
PSY2005 Statistics and Research Methods: Quantitative data analysis component
Apart from data analysis procedures, there is another factor which is secondary analysis of
qualitative data. For details of this method you can log on
to http://www.soc.surrey.ac.uk/sru/SRU22.html by Janet Heaton
People generally believe in the universal notion that "one can prove anything with statistics."
This is only true if we use data analysis procedures improperly. There are some points that
people often overlook while doing data analysis, and also the way(s) people sometimes "bend
the rules" of statistics to support their viewpoint. The following website discusses them very
clearly. Taking examples from medicine, education, and industry, it discusses the different
ways in which you can make sure that your own statistical procedures are clear and accurate.
Pitfalls of Data Analysis (or How to Avoid Lies and Damned Lies) by Clay Helberg, M.S.,
Research Design and Statistics Unit








Performing a Security Risk Assessment

Classically, IT security risk has been seen as the responsibility of the IT or network staff, as those individuals
have the best understanding of the components of the control infrastructure. Moreover, security risk
assessments have typically been performed within the IT department with little or no input from others.
This approach has limitations. As systems have become more complex, integrated and connected to third
parties, the security and controls budget quickly reaches its limitations. Therefore, to ensure best use of the
available resources, IT should understand the relative significance of different sets of systems, applications,
data, storage and communication mechanisms. To meet such requirements, organizations should perform
security risk assessments that employ the enterprise risk assessment approach and include all stakeholders
to ensure that all aspects of the IT organization are addressed, including hardware and software, employee
awareness training, and business processes.
IT enterprise security risk assessments are performed to allow organizations to assess, identify and modify
their overall security posture and to enable security, operations, organizational management and other
personnel to collaborate and view the entire organization from an attackers perspective. This process is
required to obtain organizational managements commitment to allocate resources and implement the
appropriate security solutions.
A comprehensive enterprise security risk assessment also helps determine the value of the various types of
data generated and stored across the organization. Without valuing the various types of data in the
organization, it is nearly impossible to prioritize and allocate technology resources where they are needed
the most. To accurately assess risk, management must identify the data that are most valuable to the
organization, the storage mechanisms of said data and their associated vulnerabilities.



Reasons/Rationale for Performing a Security Risk Assessment


Cost justificationAdded security usually involves additional expense. Since this does
not generate easily identifiable income, justifying the expense is often difficult. An
effective IT security risk assessment process should educate key business managers on
the most critical risks associated with the use of technology, and automatically and
directly provide justification for security investments.
ProductivityEnterprise security risk assessments should improve the productivity of
IT operations, security and audit. By taking steps to formalize a review, create a review
structure, collect security knowledge within the systems knowledge base and implement
self-analysis features, the risk assessment can boost productivity.
Breaking barriersTo be most effective, security must be addressed by
organizational management as well as the IT staff. Organizational management is
responsible for making decisions that relate to the appropriate level of security for the
organization. The IT staff, on the other hand, is responsible for making decisions that
relate to the implementation of the specific security requirements for systems,
applications, data and controls.
Self-analysisThe enterprise security risk assessment system must always be simple
enough to use, without the need for any security knowledge or IT expertise. This will
allow management to take ownership of security for the organizations systems,
applications and data. It also enables security to become a more significant part of an
organizations culture.
CommunicationBy acquiring information from multiple parts of an organization, an
enterprise security risk assessment boosts communication and expedites decision making.



Enterprise Security Risk Assessment Methodology
The enterprise risk assessment and enterprise risk management processes comprise the heart of the
information security framework. These are the processes that establish the rules and guidelines of the
security policy while transforming the objectives of an information security framework into specific plans for
the implementation of key controls and mechanisms that minimize threats and vulnerabilities. Each part of
the technology infrastructure should be assessed for its risk profile. From that assessment, a determination
should be made to effectively and efficiently allocate the organizations time and money toward achieving
the most appropriate and best employed overall security policies. The process of performing such a risk
assessment can be quite complex and should take into account secondary and other effects of action (or
inaction) when deciding how to address security for the various IT resources.


Process
The objective of a risk assessment is to understand the existing system and environment, and identify risks
through analysis of the information/data collected. By default, all relevant information should be considered,
irrespective of storage format. Several types of information that are often collected include:
Security requirements and objectives
System or network architecture and infrastructure, such as a network diagram showing how assets
are configured and interconnected
Information available to the public or accessible from the organizations web site
Physical assets, such as hardware, including those in the data center, network, and communication
components and peripherals (e.g., desktop, laptop, PDAs)
Operating systems, such as PC and server operating systems, and network management systems
Data repositories, such as database management systems and files
A listing of all applications
Network details, such as supported protocols and network services offered
Security systems in use, such as access control mechanisms, change control, antivirus, spam
control and network monitoring
Security components deployed, such as firewalls and intrusion detection systems
Processes, such as a business process, computer operation process, network operation process
and application operation process
Identification and authentication mechanisms
Government laws and regulations pertaining to minimum security control requirements
Documented or informal policies, procedures and guidelines























100 Potential Interview Questions
By Thad Peterson, Monster Staff Writer
While there are as many different possible interview questions as there are interviewers, it always helps to be ready for
anything. So we've prepared a list of 100 potential interview questions. Will you face them all? We pray no interviewer
would be that cruel. Will you face a few? Probably. Will you be well-served by being ready even if you're not asked these
exact questions? Absolutely.

Basic Interview Questions:
Tell me about yourself.
What are your strengths?
What are your weaknesses?
Why do you want this job?
Where would you like to be in your career five years from now?
What's your ideal company?
What attracted you to this company?
Why should we hire you?
What did you like least about your last job?
When were you most satisfied in your job?
What can you do for us that other candidates can't?
What were the responsibilities of your last position?
Why are you leaving your present job?
What do you know about this industry?
What do you know about our company?
Are you willing to relocate?
Do you have any questions for me?
Behavioral Interview Questions:
What was the last project you headed up, and what was its outcome?
Give me an example of a time that you felt you went above and beyond the call of duty at work.
Can you describe a time when your work was criticized?
Have you ever been on a team where someone was not pulling their own weight? How did you handle it?
Tell me about a time when you had to give someone difficult feedback. How did you handle it?
What is your greatest failure, and what did you learn from it?
What irritates you about other people, and how do you deal with it?
If I were your supervisor and asked you to do something that you disagreed with, what would you do?
What was the most difficult period in your life, and how did you deal with it?
Give me an example of a time you did something wrong. How did you handle it?
What irritates you about other people, and how do you deal with it?
Tell me about a time where you had to deal with conflict on the job.
If you were at a business lunch and you ordered a rare steak and they brought it to you well done, what would
you do?
If you found out your company was doing something against the law, like fraud, what would you do?
What assignment was too difficult for you, and how did you resolve the issue?
What's the most difficult decision you've made in the last two years and how did you come to that decision?
Describe how you would handle a situation if you were required to finish multiple tasks by the end of the day,
and there was no conceivable way that you could finish them.
Salary Questions:
What salary are you seeking?
What's your salary history?
If I were to give you this salary you requested but let you write your job description for the next year, what would
it say?
Career Development Questions:
What are you looking for in terms of career development?
How do you want to improve yourself in the next year?
What kind of goals would you have in mind if you got this job?
If I were to ask your last supervisor to provide you additional training or exposure, what would she suggest?
Getting Started Questions:
How would you go about establishing your credibility quickly with the team?
How long will it take for you to make a significant contribution?
What do you see yourself doing within the first 30 days of this job?
If selected for this position, can you describe your strategy for the first 90 days?
More About You:
How would you describe your work style?
What would be your ideal working environment?
What do you look for in terms of culture -- structured or entrepreneurial?
Give examples of ideas you've had or implemented.
What techniques and tools do you use to keep yourself organized?
If you had to choose one, would you consider yourself a big-picture person or a detail-oriented person?
Tell me about your proudest achievement.
Who was your favorite manager and why?
What do you think of your previous boss?
Was there a person in your career who really made a difference?
What kind of personality do you work best with and why?
What are you most proud of?
What do you like to do?
What are your lifelong dreams?
What do you ultimately want to become?
What is your personal mission statement?
What are three positive things your last boss would say about you?
What negative thing would your last boss say about you?
What three character traits would your friends use to describe you?
What are three positive character traits you don't have?
If you were interviewing someone for this position, what traits would you look for?
List five words that describe your character.
Who has impacted you most in your career and how?
What is your greatest fear?
What is your biggest regret and why?
What's the most important thing you learned in school?
Why did you choose your major?
What will you miss about your present/last job?
What is your greatest achievement outside of work?
What are the qualities of a good leader? A bad leader?
Do you think a leader should be feared or liked?
How do you feel about taking no for an answer?
How would you feel about working for someone who knows less than you?
How do you think I rate as an interviewer?
Tell me one thing about yourself you wouldn't want me to know.
Tell me the difference between good and exceptional.
What kind of car do you drive?
There's no right or wrong answer, but if you could be anywhere in the world right now, where would you be?
What's the last book you read?
What magazines do you subscribe to?
What's the best movie you've seen in the last year?
What would you do if you won the lottery?
Who are your heroes?
What do you like to do for fun?
What do you do in your spare time?
What is your favorite memory from childhood?
Brainteaser Questions:
How many times do a clock's hands overlap in a day?
How would you weigh a plane without scales?
Tell me 10 ways to use a pencil other than writing.
Sell me this pencil.
If you were an animal, which one would you want to be?
Why is there fuzz on a tennis ball?
If you could choose one superhero power, what would it be and why?
If you could get rid of any one of the US states, which one would you get rid of and why?
With your eyes closed, tell me step-by-step how to tie my shoes.