Information Technology Audit Manager

The Manager – IT Audit is responsible for leading and executing risk-based IT audit engagements to evaluate the effectiveness of technology governance, cybersecurity, enterprise applications, IT operations, and technology-related controls.

The role provides independent assurance over technology risks and supports the organization in strengthening its control environment, safeguarding information assets, and improving the effectiveness and efficiency of business processes enabled by technology.

1.

Contribute to the development and execution of the annual risk-based IT Audit Plan aligned with organizational objectives and technology risk priorities.

2.

Provide independent assurance on technology governance, cybersecurity, digital transformation initiatives, and emerging technology risks.

3.

Support the continuous enhancement of IT audit methodologies, tools, and technology-enabled auditing practices.

4.

Stay abreast of emerging technologies, cybersecurity threats, Artificial Intelligence (AI), and industry best practices to enhance audit coverage and effectiveness.

5.

Act as a trusted advisor to management on technology risk and control-related matters.

1.

Support the efficient utilization of audit resources and budgets while delivering the approved IT audit plan.

2.

Identify opportunities to improve operational efficiency, reduce technology-related risks, and strengthen internal controls through audit recommendations.

3.

Promote the use of data analytics, automation, and continuous monitoring techniques to enhance audit efficiency and effectiveness.

4.

Support the prevention and detection of potential financial, operational, and technology-related control weaknesses through effective assurance activities.

1.

Build and maintain effective working relationships with IT, Digital, Cybersecurity, Risk, and business stakeholders.

2.

Facilitate discussions with management to validate audit observations and agree on practical corrective action plans.

3.

Communicate audit findings, recommendations, and technology risk insights to management in a clear and professional manner.

4.

Monitor and follow up on agreed management actions to ensure timely remediation of identified issues.

5.

Collaborate with internal and external assurance providers, where applicable, to improve assurance coverage and coordination.

1.

Plan, lead, and execute risk-based IT audit engagements in accordance with approved audit methodologies and professional standards.

2.

Assess the design and operating effectiveness of IT General Controls (ITGCs), application controls, and automated business controls.

3.

Conduct reviews of user access management, segregation of duties, change management, system operations, backup and recovery, and cybersecurity controls.

4.

Evaluate controls within ERP, CRM, and other business-critical applications, including SAP and related systems.

5.

Perform technology risk assessments and identify control gaps, process weaknesses, and improvement opportunities.

6.

Utilize data analytics and technology-enabled auditing techniques to enhance audit coverage and identify anomalies or control deficiencies.

7.

Review technology projects, system implementations, and digital initiatives to ensure appropriate controls are embedded throughout the project lifecycle.

8.

Prepare audit reports, document findings, and present recommendations to management.

9.

Conduct follow-up reviews to assess the effectiveness and sustainability of corrective actions.