Audit Engagement Manager; Tehnology

Role Purpose

The Senior Audit Engagement Manager / Audit Engagement Manager – Technology Audit is responsible for independently managing and delivering end-to-end internal audit engagements, assurance & advisory, within the Technology & Digital domains. The role ensures that audits are executed in accordance with Global Internal Audit Standards, IPPF (Institute of Internal Auditors), and applicable local regulatory requirements (e.g., FSA) while maintaining high-quality audit documentation and reporting standards.

The incumbent is accountable as subject Matter Expert on areas related to IS / Digital & Platforms, Technology Infrastructure, Cyber Security and Business continuity & DR.

Title: Senior Audit Engagement Manager/ Audit Engagement Manager, Technology Audit (IS Audit)

• Unit:
  Internal Audit
• Division:
  Internal Audit Centre of Excellence
• Location:
  
  HQ

• Audit Engagement Manager: P5

• Bachelor’s in IT /Computer Science / Engineering (Computer/Network/Telecom) or related subjects.
• Professional certification including CISA, CISSP, CISM, CIA will be highly preferred.

• Audit Engagement Manager: a minimum of 8 years of experience.

• Perform business process understanding, identification of key controls, and risk assessment for assigned audit areas within the Digital & Technology domains.
• Define audit objectives, scope, timelines, and resource requirements.
• Develop risk-based audit plans and detailed audit programs (Risk Control Matrix) aligned with internal audit methodology.
• Identify key control points, applicable regulations (e.g., FSA), and relevant frameworks (IPPF, COBIT, NIST standards, Telecom specific standards) to be used as criteria for the audit engagement.

• Execute audit procedures in accordance with approved audit programs and methodologies.
• Perform walkthroughs, control testing, data analysis, and evidence validation.
• Identify control deficiencies, risk exposures, and process improvement opportunities.
• Conduct root cause analysis and evaluate business impact of findings.
• Ensure professional skepticism and independence throughout audit execution.

• Prepare clear, concise, and risk-focused audit reports.
• Document audit findings with:
  Condition, criteria, cause, impact and Practical and actionable recommendations.
• Discuss findings with management and obtain agreement on action plans and timelines.
• Present audit results in closing meetings, clearly articulating key risks and insights.
• Ensure timely issuance of final audit reports in line with agreed timelines.

• Maintain complete, accurate, and well-structured audit working papers within the Audit Management System ensuring that the working papers support the audit findings and conclusions.
• Adhere to internal audit methodology, templates, and documentation protocols.
• Ensure readiness for Quality Assurance & Improvement Program (QAIP) reviews and internal/external quality assessments.

• Track implementation of agreed management action plans against the reported audit findings.
• Perform follow-up reviews to validate closure of audit findings.
• Assess adequacy and effectiveness of remediation actions taken.
• Escalate overdue or high-risk findings to senior management as applicable.
• Maintain accurate status of audit findings in the audit tracking system.

• Act as Subject Matter Expert (SME) in IS / Digital & Platforms, Technology Infrastructure, Cyber Security and Business continuity & DR.
• Ensure knowledge transfer on the respective audit domain to other internal audit resources.

• Provide value-added insights on emerging technology risks and control improvements.
• Plan, perform and report on Advisory engagements as per the approved methodology ensuring quality standards.
• Build effective relationships with the key stakeholders.

Contribute to continuous enhancement of audit methodologies, tools, and practices.