Position: Group Business Systems Auditor
Company: ANSA McAL Limited
As a team member of the Internal Audit team the Business Systems Auditor will get in contact with both IT and business people throughout the Group to assess IT risks and controls and make recommendations for improvement. He/ She will also provide advice in order to improve the existing practices of the company. The role includes the execution of projects from the audit plan, at times rotating between teams within the Internal Audit function. When required, the Business Systems Auditor will support specific projects in other countries in which ANSA McAL Limited operates.
- Develops a detailed understanding of the activity under audit, including IT risks and controls.
- Assess IT risks and internal control strengths and weaknesses. Develop audit work program.
- Executes the work outlined in the audit work program. Document the work performed and conclusions in electronic work papers. Work as part of integrated audit teams.
- Improves and maintains IT risk assessment process for all subsidiaries within the Group (Regional locations included).
- Partners with key audit stakeholders to identify constructive and value-added solutions to address issues identified. Recommends IT and operational improvements which ensure that proper controls are exercised over all aspects of the business and that Company assets are conserved, protected and accurately reflected.
- Regularly interacts and communicates with management to discuss and present audit results, gain acceptance and provide advice to remediate on audit issues.
- Prepares written audit reports and assists in the presentation of audit results. Strives to continuously improve communication to appropriate management levels to maximize the value of audit services.
- Advises IT and business stakeholders on control best practices within their processes to reduce risks and improve efficiency.
- Optimizes Internal Control Framework by aligning significant IT risks to control objectives and controls and ensures that controls are tested in the most efficient way.
- Monitors the implementation of action plans arising from audit assignments, i.e., follow ups.
- Optimizes External Audit reliance on IT related matters through proper planning and communicating with the External Audit teams.
- Reviews and appraises the soundness, adequacy and application of IT, financial and other operational controls in accordance with the COBIT Standards to ensure effective control at reasonable costs. Ascertains the extent of compliance with established policies, procedures and business practices to ensure effective operations.
- Shares expertise and experience with the Internal Audit team and acts as a coach on specific projects whenever necessary.
- Supports Sarbanes-Oxley compliance activities by testing and evaluating effectiveness of key SOX control activities as determined by the Head of Group Internal Audit.
- Participates in the due diligence activities of merger/acquisition projects.
- Participates in special projects by conducting specific and technical review/investigation activities.
- Supports any IT implementations or other changes taking place through the execution of pre and post conversion audit work including guiding Management and Internal Audit teams on data clean-up and process designs, and advising on readiness of Subsidiaries to go live on new/upgraded platforms.
- Professional certification (CISA, CISSP, CISM).
- University degree or other equivalent tertiary qualification (ACCA).
- 2 to 4 years relevant experience in IT auditing, or information security.
- Analytical skills and creative problem solving abilities.
- Good knowledge of:
- Auditing and Data Analysis tools such as ACL and Idea
- Structured Query Language (SQL) or MS Access databases.
- Experience with Great Plains, AX Dynamics and Technology One software auditing will be an asset.
- SOx audit experience will be an asset.
- Effective project management skills.
How to apply:
- Are you certified in either CISA, CISSP or CISM? - Do you have a Bachelor's Degree or Equivalent? - Do you have 2 - 4 years experience in IT auditing or Information Security? - Are you familiar with the audit/ data analysis tools: ACL and Idea? - Are you familiar with SQL or MS Access databases? - Do you have experience with Great Plains, AX Dynamics & Technology One software? - Do you have SOx audit experience?