Warning: You are using an outdated Browser, Please switch to a more modern browser such as Chrome, Firefox or Microsoft Edge.

Vice President

IT Internal Audit

Information Technology (IT) Auditor has responsibility to perform or lead the audit team on assigned audit projects.  The person in charge of IT audit must eligible to analyze business processes or activities within business functions to identify, assess and evaluate IT-related business risk (IT risk) to define audit objectives, scope and develop risk-based Audit Work Program (AWP).  IT audit must evaluate the efficiency and effectiveness of IT-related internal controls and provide recommendations to the management in order to identify and improve the IT control weaknesses and mitigate the related IT risk.   It is also to assist management in evaluating internal control and consulting activity designed to add value and improve an organization’s operations.

This position must possess the qualification, experience and knowledge required to evaluate the adequacy and effectiveness of the company’s system of governance, issue recommendations, in particular as to deficiencies with regard to the internal control system and the compliance with the corporate rules, and verify the compliance with decisions taken as a consequence thereof. Detailed requirements are outlined in the Group Audit Policy.

Annual IT Audit Planning

  • To assist in the preparation of an annual risk-based and / or regulatory, if applicable, audit plan. 
  • To perform IT risk assessment on auditable objects (e.g., business processes, information systems) to define and develop risk-based IT audit plans (either annual and Long-term) by using Group Audit (GAUD) provided tools & standard approaches
  • To perform calculation and allocation of audit capacity required for execution of IT audit projects according to the defined audit plans

Audit Preparation and Execution

  • Conduct the assigned audit project by following the Standard Audit Methodology of Group Audit
  • Perform audit planning, fieldwork, and reporting, including preparation of audit dashboard for submission to Group Audit 
  • Register audit issue and assign reference number of each action plan in department share drive
  • Record and update audit work and related audit documents by using or uploading to TeamMate system (TeamMate EWP).

Audit Recommendation - Implementation Status Tracking (Follow-Up)

  • Conduct the follow-up review process to evaluate the actions implemented by the management to assurance the efficiency and effectiveness of internal controls before closing audit issues.
  • Summarize the follow-up results after approved by CAE or Head of Internal Audit to close the audit issue for reporting to the relevant parties
  • Update audit issues and latest audit recommendation actions implementation status in the Audit System

Consulting Service & Advise special request

  • Provide consulting service when requested by other Departments both informal and formal request.
  • Provide recommendation for the improvement of the efficiency and effectiveness of processes, systems and procedures via discussion, email or formal report upon each requirement.
  • To perform the audit based on management request, if required.

Management of the Audit Committee (AC) Meeting

  • Assist the Secretary of the AC to organize, schedule and prepare agenda of the AC Meeting.
  • Support the Secretary of the Audit Committee and ensure that the Meeting is well organized and runs smoothly and efficiently such as prepare invitation letter and Audit Committee papers on significant audit issues,
  • Coordinate with concerned division/ department to gather information of certain issue and prepare paper for consideration and approval by Audit Committee

Reporting to Group Audit

  • Support the preparation of the Quarterly Report of the significant findings, if any.
  • Support the Self-Assessment Tool as required by Group Audit on yearly basis, if needed.
  • Update Standard Audit Methodology on yearly basis, if applicable.
  • Bachelor’s degree in Computer Science / IT / MIS / Mathematics & Applied Statistics or Business Admin or related fields 
  • Proficiency in risk analysis, and strong analytical skills particularly in regard to assessing the probability and impact of an internal control weakness
  • IT security related technologies e.g., Firewall, Intrusion Prevention/Detection Systems (IPS/IDS), Malicious software (Malware) prevention/detection & correction solutions, data encryption, Internet Protocol Security (IPSec), etc.
  • Relational Database Management System (RDBMS), Structured Query Language (SQL) and Data Analysis
  • Object Oriented Programming (OOP) & Web Application Programming
  • Have a Certified Information Systems Auditor (CISA)
  • Fluent in English business communication

Form sent successfully.

Apologies, we are currently unable to handle your request.

Enter the text below. 60 seconds remaining.

Can't read the text?