Internal Audit Manager - IT

Job Objectives

Perform the full audit cycle for Information System processes including risk management and control management ensuring operations’ effectiveness, financial reliability and compliance with all applicable directives and regulations

Responsibilities

Financial

• Meticulously analyse financial requirements for the IT Audit department and prepare the budget
• Diligently track and report adherence to the approved department budget and timely highlight the deviations to ensure that corrective action is taken

Operational 

Audit Planning:
• Support in preparation of Annual Audit Plan for IT and Billing Audits
• Conduct internal audits in line with the annual audit plan.
• Plan and execute engagements in the areas of IT, IT Security and Cyber Security. Perform independent reviews and evaluations of IT systems, infrastructure and management operations and activities to appraise effectiveness, reliability, confidentiality, availability and integrity of IT systems and their underlying data and operating information in accordance with accepted auditing standards/ frameworks e.g COBIT, ISO27001, NIST, ISO22301, CIS, etc.

Audit Fieldwork:
• Develop and design meticulous audit programs for the function and undertake the evaluation of the risk controls adopted by the business units across the organization
• Assess risk and controls related to the assigned engagement to anticipate possible risks and concerns in process
• Liaise with the business units to identify controls and measures for adoption across processes to mitigate any operational risks
• Work closely with business units to efficiently and effectively implement the audit program: gather audit related documents and evidence to conduct audit ensuring compliance with applicable standards

Audit Report:
• Analyse the audit findings and prepare detailed audit reports focussing on the action plan for risk mitigations
• Prepare audit reports and presentations for Senior Management and Audit Committee

Audit Documentation and Follow up of Action Plan:
• Maintain and precisely update the audit related documentation in GRC system: working papers, and minutes of meetings etc.
• Liaise with Business Units and regularly follow-up on planned actions to effectively close the audit findings
• Identify and present best practices and business process improvement opportunities.

Support in IT Investigations, GRC Tool and Data Analytics:
• Support in investigations
• Support and coordination of GRC software.
• Data Analytics Tool Support and Maintenance
• Take ownership for attending the trainings as per the plan
• Take ownership for completing PMR process, employee engagement surveys in time
• Continuously share the knowledge and understanding of the telecom industry and business trends
• Motivate and build a healthy work environment within the team. Provide support in resolving work related / other concerns with internal and external stakeholders in an effective manner.

al Audit Head to create a comprehensive internal audit plans covering different functions across areas of internal audit
• Monitor and ensure implementation and timely completion of internal audits in line with the approved audit plan
• Work closely with Internal Audit Head to finalise the Department budget
• Inform the CAB on noticing any deviations from approved budgets in order to take corrective action in case of any deviations
• Liaise with business units to ensure timely availability of audit related documents and evidences for effective and efficient implementation of audit programs
• Provide expertise in defining audit requirements
• Monitor the implementation of audit programs with high involvement in critical audits; evaluating the systems, infrastructures, and integrated business applications to ensure that systems are secured and supporting the related applications/business processes
• Prepare a comprehensive audit risk control matrix; analyse and assess the risk impacts to prioritize risks for their impact on business and organization and ensure alignment of the audit programs to the risk control matrix
• Provide guidance to the team of internal auditors for diligently conducting the audit activities in line with the defined standards, protocols and guidelines
• Diligently analyse and evaluate all the audit related documents including financial data, records, reports and statements etc ensuring achievement of audit objectives
• Review internal audit reports and deliverables prepared by the team ensuring accuracy, precision and meticulousness in all the work deliverables
• Prepare detailed audit reports for management on adequacy of the organization’s controls, systems, policies, procedures and regulations; highlighting instances of non-compliance and recommending action plan for improving systems & infrastructure for effectiveness & efficiency
• Work closely with the management to provide the management with necessary explanations and insight for them to take necessary action on audit findings ensuring implementation of corrective action plan to enhance the current systems, processes and infrastructure
• Assist the Head of Internal Audit in the investigation of suspected fraudulent activities within the organization reported by the whistle-blowers, management or Audit committee or noted by IA team.
• Ensure compliance of the audit activities with policies, plans, standards, laws and regulations which could have significant impact upon business operations and systems
• Keep abreast with general business, economic developments and new announcements, standards and provide insights of their impact on business and implication on audit programs
• Assist the Head of Internal Audit in developing the Internal Audit policies, processes and procedures ensuring alignment with the international Internal Audit Standards

People

• Identify training needs and nominate team members for training programs
• Ensure timely completion of PMR process for self and the team
• Continuously share the knowledge and understanding of the telecom industry and business trends
• Ensure active participation in employee engagement surveys

•Bachelor’s degree in information technology or computer information systems or computer science as applicable

• Masters in Business Administration, Cyber Security, Information Security and programming language would be an added advantage

• 8 years of experience in IT Audit, IT Security, Cybersecurity and ISO Audits domain.

• Minimum 4 years’ Post Professional Qualification experience in IS Audit in Internal Audit department.

• Dealing with Senior Management and effective presentation and communication skills.

• CISA/ CISM or any equivalent or higher certification is mandatory.

• Professional Qualifications such as CISM, CRISC, CISSP, C|EH, ISO 27001, ISO 22301, ITIL, GIAC certifications, PCI certifications, etc., would be an added advantage