For IT Audit Manager (AVP5 / AVP4) position, experience in managing audits
Good knowledge of various operating systems, data bases, etc for mainframe, midrange and/or open systems; with working / auditing experience in at least 1 platform
Strong risk-based audit experience with hands-on experience in using CAATS, preferably ACL
...
Participate in the conduct of health checks and reviews to assess status of adoption of and compliance with policies and standards, to identify non-compliance gaps, to recommend remediation follow-ups, to validate remediated actions and to close the findings.
Conduct pre-audit compliance health checks on large-scale, complex system high/medium risk areas to establish the status of adoption of and compliance with policies and standards, for regular reporting to stakeholders.
Establish and maintain the Audit Dashboard for tracking of all health checks and audit findings to ensure timely completion, validation and closure for regular reporting to stakeholders.
...
Manage and ensure IT policies and procedures up to date across the organization, working with the appropriate stakeholders
Jointly monitor, track and review with Cyber Security team and other IT teams on all risk findings and assessments of IT initiatives.
Develop, maintain, review and report on the IT Risk Register. Schedule and participate in periodic risk self-assessments and track remediation action plans.
...
Develop audit plans and programs using a risk-based approach.
Ensure adherence to relevant regulatory requirements, recommending improvements to corporate policies, standard operating procedures, and current practices to enhance existing IT control and design.
Identify potential risks, control gaps/lapses and drive the sharing of best practices relating to risk management.
...
Facilitate audits conducted by auditors from Auditor General’s Office, WOG ICT Governance Group, Internal Auditor Dept, etc, by managing auditor-auditee interactions during audit fieldwork, and for management responses, audit finding validation and closure.
Participate in the conduct of health checks and reviews to assess status of adoption of and compliance with policies and standards, to identify non-compliance gaps, to recommend remediation follow-ups, to validate remediated actions and to close the findings.
Conduct pre-audit compliance health checks on large-scale, complex system high/medium risk areas to establish the status of adoption of and compliance with policies and standards, for regular reporting to stakeholders.
...
Performing general and application control reviews for simple to complex computer information systems.
Performing information control reviews to include system development standards, operating procedures, system security, programming controls, backup and disaster recovery, and system maintenance.
Direct and/or execute IT audits, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.
...
Assist with the execution of the IT project plan, ensuring efficient and timely execution of all stages of the IT audit program.
Perform risk assessments on IT, covering IT General Controls and Application Controls.
Assist in creating and maintaining all documentation relevant to IT audit program such as process narratives, walkthroughs, flowcharts, testing and controls evaluation documents.
...
Advances the overall Information Security and technology risk posture of the company, embedding risk culture and programs to secure the IT environment through policy governance, innovative security solutions, process and controls and initiatives, training and awareness programmes, and risk reviews.
Initiate and manage client engagements, emphasizing IT Audit and Information Security Assessments. Identify and pursue new business opportunities with existing clients, collaborating closely with the Cybersecurity team. Develop and customize audit programs and security audit checklists to evaluate the design and effectiveness of internal controls in mitigating IT risks.
Plan, execute, and oversee annual policy compliance audits, process audits, and technical audits on critical systems and infrastructure. Formulate and implement mitigation plans to enhance overall ICT governance. Monitor and validate audit findings to ensure effective control remediation and address root causes.
Enhance market presence and visibility, driving opportunities with new clients to strengthen the organization's brand. To succeed in this role, you will ideally have: Minimum of 10 years of progressive IT audit experience, including roles in audit, public accounting/consulting, risk management, or security.
...
Key Responsibilities:
Develop and execute a comprehensive IT audit plan to assess the effectiveness of IT controls, security, and compliance.
Partner with the 1st line of defense to ensure IT processes and controls are designed and operating effectively.
Front the 3rd line of defense (Internal Audit team), facilitating external audit engagements and ensuring thorough and timely completion.
Evaluate IT policies, procedures, and practices to ensure compliance with regulatory requirements and industry standards.
Identify and assess IT risks, providing actionable recommendations to mitigate potential issues.
Collaborate with IT and business stakeholders to ensure alignment of audit activities with organizational goals.
Prepare detailed audit reports, highlighting key findings, recommendations, and action plans.
Monitor the implementation of audit recommendations and ensure continuous improvement.
Stay current with emerging IT risks, technologies, and regulatory changes to keep the audit process relevant and effective.
Mentor and develop junior audit staff, fostering a culture of excellence and continuous learning.
Qualifications:
Bachelor's degree in Information Technology, Computer Science, Accounting, or a related field. Advanced degree or professional certification (CISA, CISSP, CISM, etc.) is desirable.
Minimum of 7 years of experience in IT audit, with a strong background in collaborating with the 1st line of defense and managing engagements with the 3rd line of defense.
In-depth knowledge of IT governance, risk management, and internal control frameworks (e.g., COBIT, NIST, ISO).
Proven track record of leading and executing IT audit projects in a complex and dynamic environment.
Apply:
If you are interested in the above job or other IT leadership / IT Governance positions, please kindly send your CV to Shannagh Wu at [HIDDEN TEXT]
...
The Associate Director / Director, IT Audit, will play a pivotal role in strengthening our IT department's audit and assurance capabilities. Reporting directly to the Chief Information Officer (CIO), this position will closely partner with the 1st line of defense and front the 3rd line of defense (internal audit team). This collaboration ensures that our IT risk management, governance, and internal control processes are thoroughly assessed and improved.
Key Responsibilities:
Develop and execute a comprehensive IT audit plan to assess the effectiveness of IT controls, security, and compliance.
...
Advances the overall Information Security and technology risk posture of the company, embedding risk culture and programs to secure the IT environment through policy governance, innovative security solutions, process and controls and initiatives, training and awareness programmes, and risk reviews.
BDO’s distinctive reputation is built upon our commitment to all our stakeholders that what matters to them, matters to us. And in building a successful business, a culture of people is the centerpiece of our business
Plan and execute IT or Internal operational audits. reviews and special projects in accordance with department and professional standards and complete assignments in an efficient manner
Identity and communicate audit findings/recommendations with management in both technical and non-technical terms. writing/reviewing audit reports
Perform follow up. tracking. validation and reponing of implementation status of recommendations
...
Review IT systems to ensure effectiveness of controls, security measures, and compliance with policies and regulations. Propose enhancement if required.
Analyse trends and provide oversight on compliance matters and improve effectiveness of update, tracking and reporting of compliance status via the implementation of initiatives and tools.
...
Conduct comprehensive IT audits, meticulously assessing IT risks and controls pertaining to the Company's IT systems.
Evaluate the design and operational effectiveness of internal controls, ensuring strict compliance with regulatory requirements from governing authorities, adherence to company security policies, and internal control procedures.
Perform reviews across various domains, including:
...
Our clients include listed companies and non-profit organisations.
The IT Auditor is responsible for assessing the risks associated with a company's information technology systems and designing and implementing audit procedures to mitigate these risks.