This position plans and manages internal audits of IT applications and domains at FINCA; Formulates annual audit plan based on existing IT application and domains in light of audit focus areas and global trends; Outlines scope of audit, executes audit plan and highlights significant audit matters (SAMs); Analyze risks associated with IT processes and assess the effectiveness of IT domains; Consolidates audit results on quarterly basis and shares summary of high risk cases with supervisor for audit committee meetings; Executes special assignments and identifies value addition areas in existing IT practices. These responsibilities are carried out WITH the objective to ensure that audit processes are compliant with timelines, standards, controls, applied laws and regulations, and to maximize value addition to the business WITHIN the limits of organization’s policies, procedures, SOPs, SBP regulations, internal compliance, and directions/guidelines from the supervisor.
- To assist in preparation of yearly IT/IS Audit Plans
- To ensure that the planned audits are completed when expected.
- To be Proactive in resolving planning conflicts, delays or ad hoc requests during the year, in coordination with the Manager IT Audit.
- To prepare the scopes of assignments & respective IT/IS audit procedures.
- To exercise the IT/IS Audit Engagements in identifying, probing and documenting the audit issues and recommending for improvement.
- To conduct the Exit Meetings with the Auditees.
- To Draft the IT/IS Audit Reports & the Auditees Rectification Remarks and archive the relevant Evidences, to ensure the completeness, accuracy and validity of audit findings and recommendations.
- To finalize the Auditees Ratings in view of their Audit Reports.
- Ensure that the engagement audit files are complete in all respects and its archiving is in compliance with the Internal Audit operating policies.
- To communicate the results of audit reports & inferences via timely written reports, according to planned reporting schedule or as required by his Line Manager.
- To keep his Line Manager posted about the Audit Assignments vis-à-vis Actual vs Budget.
- Confident about his skill-set & professionally mature.
- An objective, logical & enquiring mind.
- Planned and well organized approach towards work.
- Problem resolving approach
- Ability to give constructive feedback.
- Results Oriented - who would meet deadlines on assignments, juggle multiple demands and to work with all types of individuals.
- A sufficient idea about the Policies & Procedures of IT Department at Head office level.
- A sound concept of Internal Control Environment w.r.t COSO / COBIT Frameworks.
- Review security measures for breaches and corrective action.
- Review authorization of sensitive functions and segregation of duties.
- Review system development life cycle.
- Review availability and supportability of the applications.
- Perform audit of the database/application and review policies, standards, procedures, configuration and management of the database systems.
- Review logs of audit trails for application activities.
- Perform extensive CAATS on application data.
COSO, COBIT, Audit, IT, IS Audit, COSO Framework,