PwC
Senior Associate - Digital Audit (SAP ITGC & Business Process Controls)
- Permanent
- Riyadh, Saudi Arabia
- Experience 2 - 5 yrs
Job expiry date: 27/04/2026
Job overview
Date posted
13/03/2026
Location
Riyadh, Saudi Arabia
Salary
SAR 20,000 - 30,000 per month
Compensation
Job description
The Senior Associate - Digital Audit (SAP ITGC & Business Process Controls) role within PwC Middle East’s Assurance practice in Riyadh focuses on delivering technology-enabled audit and risk assurance services within the Digital Audit business unit. The position is responsible for supporting digital audit engagements that combine human-led expertise with technology-driven capabilities such as automation, artificial intelligence (AI), and data analytics to strengthen the audit process and enhance assurance outcomes. The role centers on SAP system assurance activities, particularly evaluating SAP IT General Controls (ITGC) and Business Process Controls (BPC) within enterprise environments. Responsibilities include assessing the design and operating effectiveness of ITGC within SAP environments, including security administration, access controls, change management, and system development controls. The role also requires evaluating the operational effectiveness of business process controls across SAP-enabled processes such as procure-to-pay, order-to-cash, and record-to-report cycles. As part of PwC’s digital audit approach, the Senior Associate contributes to engagements involving ERP configurations including SAP and Oracle systems, IT automated controls, SOX Compliance assessments, segregation of duties testing, and broader IT control reviews across client environments. The position requires developing and executing audit testing procedures, conducting walkthroughs of business and IT processes, analyzing testing results, identifying control deficiencies or gaps, and recommending remediation strategies to improve internal controls and risk management frameworks. The Senior Associate collaborates closely with client personnel and cross-functional teams to address SAP-related risks and control issues while ensuring alignment with industry frameworks such as COBIT, COSO, and ITIL. Additional responsibilities include communicating audit observations, findings, and recommendations to client management, supporting complex problem solving across business and technology environments, and integrating insights related to emerging technologies and regulatory developments into audit methodologies. The role also involves coaching and mentoring junior team members while contributing to the development of high-quality digital audit engagements that enhance trust, transparency, and risk governance across organizations.
Required skills
Key responsibilities
- Lead digital audit engagements focused on SAP IT General Controls (ITGC) and Business Process Controls (BPC) by planning engagement scope, coordinating audit activities, executing testing procedures, managing documentation, and delivering structured audit reports that support PwC’s assurance methodologies.
- Assess the design and operating effectiveness of IT General Controls within SAP environments including security administration, user access management, segregation of duties (SoD), change management, and system development lifecycle controls to ensure compliance with internal control frameworks and regulatory expectations.
- Evaluate the effectiveness of Business Process Controls within SAP applications across key financial and operational cycles including procure-to-pay, order-to-cash, and record-to-report processes while identifying potential control weaknesses and operational risks.
- Develop and execute detailed IT audit testing procedures including performing walkthroughs of system processes, documenting control environments, conducting control testing activities, analyzing testing outcomes, and validating the operational effectiveness of automated and manual controls.
- Identify control deficiencies, compliance gaps, and operational risks within SAP systems and supporting IT environments while providing structured recommendations to enhance internal control design, strengthen risk mitigation strategies, and improve governance frameworks.
- Communicate audit findings, observations, and remediation recommendations to client management through formal audit documentation, structured reporting, and direct engagement discussions while ensuring clarity and accuracy of technical audit insights.
- Collaborate closely with client IT teams, finance teams, and internal stakeholders to address questions related to SAP ITGC and BPC controls while providing guidance on best practices aligned with frameworks such as COBIT, COSO, and ITIL.
- Coach, mentor, and develop junior team members by providing technical guidance on SAP controls testing, IT audit methodologies, and digital audit tools while supporting team development and ensuring quality delivery across audit engagements.
Experience & skills
- Hold a bachelor’s degree in Information Systems, Accounting, Finance, or a related field that supports expertise in both technology systems and financial auditing environments.
- Possess between three and five years of professional experience in IT auditing, risk management, or consulting with a focus on SAP systems, ERP environments, and technology control assessments within enterprise organizations.
- Demonstrate strong technical knowledge of SAP platforms and modules including SAP ECC, SAP S/4HANA, SAP GRC, SAP BPC, SAP Solution Manager (SAP Solman), and SAP Security as well as the configuration and control environment of ERP systems.
- Demonstrate experience evaluating SAP IT General Controls (ITGC) and Business Process Controls (BPC) including security administration, access management, change management processes, segregation of duties (SoD), and automated IT control frameworks.
- Demonstrate knowledge of IT governance and internal control frameworks such as COBIT, COSO, and ITIL and apply these frameworks when assessing control design, operational effectiveness, and IT risk management practices within client environments.
- Hold or be actively pursuing relevant professional certifications such as CISA, CISSP, CPA, CISM, or CRISC, or a relevant master’s degree that supports advanced expertise in IT audit, cybersecurity governance, and risk management.
- Demonstrate bilingual proficiency in Arabic and English with strong written and verbal communication capabilities to support client engagement, audit documentation, and stakeholder communication in a regional professional services environment.
- Demonstrate the ability to lead audit engagements, manage cross-functional teams, mentor junior staff, and collaborate effectively with clients while being willing to travel to client sites when required to support audit and assurance engagements.