The role of Auditor involves:
- Conducting audits of Information Systems / Information Security covering process reviews, application control and functionality reviews, BCP and DR testing, and adherence to Regulations with respect to Information Systems / Infosec
- Execution of planned audits by adhering to given schedules and ensuring adherence to audit / ISO processes & ICAI standards. Review of Compliances to Audit reports submitted by Auditee units. Ensuring follow up for closure of reports and files within prescribed timelines.
- Conducting internal audits within stipulated time and submission of audit reports based on risk based audit norms.
- Ensuring quality of audit report (depth & coverage) by focusing on root cause analysis and providing qualitative suggestions/recommendations for improvement of processes & mitigation of risk
- Effective use of off-site audit reports (with special focus on data mining & analysis) for bringing out risks in the audit reports.
- Conducting planned and unplanned audits and provide qualitative suggestions/recommendations for improvement of processes
- Updating skill sets and knowledge through continuous readings, attending trainings
- Ensuring timely follow up on closure of audit findings; checking the closure in line with the risk and recommendation; processing the closure of audit issues / reports as per the policy
- Timely submission of information relating to audits conducted to internal and external stakeholders.
Base qualifications:
- Graduates/CAs/MBA (Finance) with relevant certification such as CISA / CISM / CISSP / CIA
- 3-5 Years of Experience (Audit/ Banking / NBFC Domain preferred)
- Experience in Information Systems / Infosec audits in the financial services (Banking, NBFC) industry
Technical skill set for Information systems auditor. The auditor should have:
- Solid base of computer skills in hardware and software
- Knowledge of various operating systems
- Knowledge of Databases
- Hands on experience on Network Architecture
- Knowledge of other IT infrastructure
- Application controls and Interfaces
- Knowledge on Computer Assisted Audit Techniques (CAATs)
- Knowledge on Information security governance
- Knowledge on Business Continuity and Disaster Recovery framework
Didn’t find the job appropriate? Report this Job