Key Accountabilities:
Prepare a group risk-based IT audit plan.
Assessing & Evaluating IT control, compliance, governance, process, and risk management.
Lead IT Security Assessment & Audit project assignments.
Development of Internal controls questionnaires, audit programs and audit work papers incorporating test schedules, observations, audit conclusions and ensuring audit objectives are satisfactorily met.
Discuss the outcomes of the IT audit assignments with the related management team and the Chief Internal Auditor.
prepare a follow up plan with respective owners on the Audit findings, risks and recommendations.
Establishing & Reviewing IT audit process and methodologies related IT Applications, Infrastructure, Network, Security & Access Management, Servers and etc.
Assess IT Audit procedures and standard operating documents related to Business Continuity Plan (BCP).
Continuously looking for areas for improvements on IT governance and risk management, providing recommendations, best practices, to business stakeholders and management team.
Develop, build & implement tools to analyze data to improve audit efficiency and effectiveness.
Assess IT systems to ensure they follow the company’s policies and procedures.
Qualification & Skills:
- Degree in Finance, Accounting or Computer Science.
- 8 to 12 years’ experience in IT Audit.
- CISA certificate is a must.
- Understanding of multiple technology domains including software development, Windows, database management, networking, and UNIX (preferred).
- Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.
- Outstanding interpersonal and communications skills; ability to communicate effectively with technical and non-technical audiences.
- Strong knowledge of Specialty Lines Insurance/Reinsurance.
- Expert knowledge of internal auditing, internal controls, risk management, and finance and accounting practices and methods.
Comprehensive understanding of internal control environments within the IT function.