Senior Manager/AVP - IT Audit - Insurance

Qualification:

- Chartered Accountant with CISA or

- Bachelor of Information Technology or BTech with IT Audit experience

- Certified Ethical Hacker

Experience : 8-10 years in Information Technology Audit related areas

Role Summary: The jobholder will assist the Internal Audit (IA) department in executing the strategy pertaining to Information Technology. The jobholder will ensure successful completion of assigned audit engagements, from start to finish, inclusive of preplanning and wrap up activities. Communicate identified issues to ensure any potential concerns are addressed in a timely and effective manner. Liaise with the control communities and other members of the company to contribute to the implementation of an effective and efficient system of internal control.

Key Result Areas:

- Assist in the development of the annual risk-based IT audit plan by assessing the key risks in the Organisation.

- Plan, lead/support and execute IT audits within the organization in accordance with the annual audit plan approved by the Audit Committee.

o Prepare risk assessment matrix identifying key risks and controls in the audit area.

o Prepare audit programs and detailed audit work papers incorporating test schedules, observations, and audit conclusions

o Perform walk through along with the process owners and prepare process flowcharts

o Test the existing controls in place, conclude on the adequacy, effectiveness and efficiency of key controls tested and recommend action plan to address the risks where controls are weak;

o Ensure that the working papers, draft audit reports and other deliverables meet internal standards and assignments are completed within budgeted time and supporting documentation have been properly referenced on Team-Mate (audit software).

- Review and co-ordinate the work of the external firms, whenever appointed for conducting specialised IT audits.

- Communicate the results of IT audits and other assignments via written reports and oral presentations, and provide professional advice and insights in order to enable informed management decisions.

- Comply with Quality Assurance checklists to ensure that working papers are complete and serve as a stand-alone reference to support audit findings;

- Assist in special jobs/ fraud investigation reviews whenever needed.

- Follow-up outstanding audit issues and monitor timely completion of agreed remedial actions by management.

- Build audit relationship with key IT Management via regular interaction so as to be informed of emerging risk issues and other key changes.

- IT Audits covers areas such as review of ITGC, review of IT Applications in line with COBIT framework, review of Data centre, Networks and supporting IT infrastructure, review of information security audit including cyber security, application security (including mobile & web), network security, database security, cloud security, endpoint security, etc., review of Database Management, Security & Incident Management, Access Management (including PIM), BCP/DR Management, IT Infra, operations and network management, etc., review of VAPT of various mission critical applications.