The Division objectives are to plan, develop and deliver independent and objective assurance services to the Group Audit and Risk Committee (GARC) and Senior Management on governance, internal controls and risk management processes mainly through the disciplined planning, implementing and reporting of internal audits conducted on the various audit entities.
The incumbent is required to:
- Assist the Head of Internal Audit in managing and supervising IT and operations audit jobs throughout the planning, field work and reporting phases within specified deadlines.
- Support the Head of Internal Audit in Division’s activities required by the Senior Management and/or organisation’s operations.
- Lead team and be involved in audits in accordance with the annual audit plan approved by GARC. Audit findings reported are to be derived from proper testing of relevant and substantial evidence.
- Develop and/or maintain audit programmes.
- Participate/assist in the other audit assignments as assigned by the Head of Internal Audit.
KEY AREAS OF RESPONSIBILITIES
- Provide independent and objective assurance and consulting services in accordance with the Audit Charter and based on “The Standards for the Professional Practice Framework” as prescribed by the Institute of Internal Auditors, BNM Guidelines and any other relevant standards.
- Lead and participate in IT and operations audits within PayNet, which include:
- To appraise the adequacy of the action taken by auditee and operating management to correct reported deficient conditions.
- To review and recommend improvement of internal controls and policies and procedures designed to safeguard organization resources, promote organizational growth, and ensure compliance with applicable laws and regulations.
- To develop and maintain the audit programmes.
- Assist Head of Internal Audit to:
- Prepare report on the results of Internal audit assignments for GARC.
- Follow-up on all audit recommendations that have been agreed upon by the management and report accordingly.
- Perform ad-hoc review or any other assignments as directed.
- Support Division’s required by Senior Management and/or organisation’s operations.
- Review work performed by subordinates as directed.
- Develop and enhance the competency, skills and knowledge of fellow auditors by providing appropriate training and coaching.
- Communicate clear and specific performance expectations and measures of success to subordinates; inclusive of explaining business unit goals and results, and how their contributions made a difference.
- Participate as an observer in critical activities process such as tender opening, BRCP/DR testing, disposal of assets and report to immediate superior on the activities.
- Provide performance feedback to subordinates and peers (if required).
- Aware of and uphold the security responsibilities as stated in the company’s Information Security Policy.
- Ensure all the information asset processing and day-to-day activities are based on the company’s Guidelines on Information Handling and Security Classification.
- Possess at least a good Bachelor’s degree, preferably in Accounting, IT or MIS or equivalent. A Master degree is a plus.
- Engage in professional development activities, including completion of a professional certification program CISA/CIA/ISMS Lead Auditor professional certification will be an advantage.
- At least five (5) years of working experience in managing IT and operations internal audit assignment.
- Related experience in large Audit/Consultation Firm or financial services is a plus.
- Sound knowledge of IT related matters and accounting principles.
- Auditing Standards - Demonstrate competency in performing both IT and operations audits and have the required skills and knowledge necessary to perform an audit.
- Project Management - Demonstrate ability to initiate, plan, executing and control a project/audit assignment. Also, demonstrate the ability to supervise audits and review the work performed by the auditors to ensure adequacy of audit scope and testing performed, and the accuracy of the conclusions reached and completion of the assignment within the stipulated time frame.
- Problem Management - Demonstrate ability in problem escalations which includes identifying, controlling and resolving the problems in a timely manner and communicating the results for further actions.
- Report Writing - Demonstrate competency in providing audit report in an appropriate form to intended recipients upon completion of audit works.
- Good organizational/analytical skills.
- Self-motivated and independent.
- Punctual and reliable, with good time management skills.
- Excellent communication/writing skills; Bahasa Malaysia & English.
- Computer literate – Microsoft Word, Microsoft Excel, Microsoft Powerpoint
- Experience in ISMS, COBIT, PCI DSS or any other audit framework is an added advantage.
- Familiar with CAATS such as ACL is an added advantage