Associate Principal – Internal Audit; IT Audit

Position: Associate Principal – Internal Audit (IT Audit)
Role & responsibilities
Competency Framework
Managing Process and Administration
Develop, maintain and communicate detailed IT Audit framework, policies and processes aligned with the identified IT Risks to support Regional Head IA&C
Conduct comprehensive annual IT risk assessment both the identification and evaluation of risk areas for the purposes of the yearly IT Audit planning through targeted risk interviews of various IT leaders/ teams across all BSAPIC GCs.
Provide support, education and training to team/ employees as required to build risk awareness within the organization.
Ensure successful completion of annual IT audit plan through effective supervision and within schedule and budget.
Support Regional Head IA&C:
Work closely with Regional Head IA&C, in assessing the Groups IT framework, processes and controls
Provide support to the Regional Head IA&C on various matters, such as preparing for the Audit Committee, supervising audit staff during audit assignments and planning audit assignments
Assist and train other audit staff in the use of computerized audit techniques, and in developing methods for review and analysis of computerized information systems
IT Operational Audits:
Plan and lead operational IT audit assignments including; planning, communication with auditees, developing audit programs, executing work assignments, supervising staff assigned to the audit (if applicable), preparing the audit report and presenting it to Local Management, including GC MDs.
The scope of operational IT audits includes general and application control reviews for simple to complex computer information systems, system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery and system maintenance
Conduct follow-up assessments and audits, if required, to ensure that prior recommendations have been adequately implemented
Provide advice to Local Management and business operations on request, such as providing best practice advice on specific matters, how to implement audit recommendations and providing templates or policies from other companies
Support the continuous improvement process and proactively suggest how the quality and efficiency of IT audits can be improved
J-SOX Audits:
Plan and lead J-SOX ITGC audit assignments including; planning, communication with auditees, executing work assignments, preparing the audit report and presenting it to Local Management.
Conduct follow up IT audits to ensure that prior recommendations have been adequately implemented
SAP SOD Reviews:
Lead and drive SAP SOD (Segregation of Duty) reviews using third party SOD analysis software (Soterion) across BSAPIC GCs.
Stakeholder Engagement & Management
Primary / first point of contact for IT related Controls and audits across all BSAPIC GCs
Establish strong relationships with relevant stakeholders i.e. Regional Head, IT and other relevant BSAPIC IT leaders/ teams, as well as IT teams iodically present on IT-related Risk and report status of IT Audit projects and progress at the periodic IA meetings with BSAPIC CFO/ Regional Head of IT and other Executive Committee members, as deemed appropriate.
Tracking and closure of agreed Management Action Plans (MAPs):
Ensure all MAPs are addressed and follow-up monthly basis for senior management reporting.
Collaborate and provide relevant support to the business as necessary to ensure resolution and closure on a timely basis.
Global/Region/Local Assignment/Initiative/Task
Lead and participate in IA initiatives i.e. Regional Conferences, special projects, where required and rendered support to BSAPIC AC reporting, compliance purposes and best practice sharing including engagement with IA leaders across the globe when required
Lead and conclude special investigations when required and ensure resolutions are properly implemented
Lead, engage and conduct consignment IT audits of Diversified Businesses (DB) (when assigned by J-Segment) across assigned country/GC
Team Management
Drive the annual risk-based planning exercise for IT Audits (Operational and J-SOX) and planned monthly assignments ensuring all audit activities are performed as scheduled.
Support Regional Head of IA&C in providing updated reports/results/status of audit findings to Senior Management and Audit Committee.
Manage/ coach direct report(s) within the IT Audit team, as required.
Manage other ad hoc tasks as required.

Ad-hoc Special Assignments:
On request, lead and perform special investigations (including suspected frauds) and ensure the quality and completeness of the investigation. Present the outcome of special investigations to local and regional management and follow-up regularly to ensure that countermeasures have been properly implemented.
Participate in other ad hoc studies, projects and other special assignments if requested.

Preferred candidate profile
Bachelors Degree in IT/ Computer Science or equivalent, and a relevant professional qualification (e.g. CISA)
Minimum ten (10)…