Our client is a listed consumer group
Job Purpose
To conduct independent audits of IT systems, business processes, and operational activities, evaluating the effectiveness of internal controls, compliance, and risk management. Provide actionable recommendations to enhance operational efficiency, data security, and regulatory compliance.
Key Responsibilities
IT Audit Focus
Assess IT governance frameworks (e.g., COBIT, ITIL) and compliance of information systems with standards (e.g., ISO 27001, GDPR, SOX).
Audit IT infrastructure (networks, servers, databases), applications (ERP, CRM), and data security (access controls, encryption, backup/recovery).
Identify cybersecurity risks (e.g., vulnerability management, penetration testing results) and recommend mitigation measures.
Review IT project lifecycles (requirements, development, deployment) for compliance and risk management.
Track remediation of audit findings to ensure IT risk closure.
Operational Audit Focus
Evaluate internal controls across business functions (finance, procurement, supply chain, HR).
Analyze operational efficiency (e.g., process bottlenecks, cost optimization) and KPI performance.
Assess compliance with industry regulations (e.g., SOX, PCI-DSS) and company policies.
Conduct ad-hoc audits (e.g., vendor audits, branch inspections).
General Duties
Develop audit plans, workpapers, and reports with clear findings/recommendations.
Communicate audit results to stakeholders and drive corrective actions.
Monitor regulatory updates (e.g., NIS2, CCPA) and emerging audit methodologies.
Qualifications
Education & Certifications
Bachelor’s degree in Computer Science, Information Systems, Accounting, Finance, or related field.
Professional certifications (e.g., CISA, CIA, CISSP, CPA) preferred.
Experience
Bachelor’s degree holder (Finance and Accounting, IT or related discipline)
Professional qualification such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA)
Minimum 10 to 12 years of internal auditing or related experience at sizeable companies or audit firms, with excellent knowledge of information system as well as operational auditing and hands-on experience in leading and managing complex audits
Solid knowledge of the latest trends and technology, and best practices in IT audit
Excellent analytical, communication, and report writing skills
Strong business / commercial sense and ability to drive different collaborations across amongst stakeholders
Excellent command of spoken and written English and Chinese