IT Audit Specialist - #88080
The Philippine Stock Exchange, Inc. (PSE)
The position is primarily responsible for assisting the Internal Audit Group (“IAG”) Head in providing independent, objective assurance and consulting services designed to add value and improve the company’s operations. Also, the Audit Specialist will be responsible for providing independent assurance on the effectiveness of internal controls, IT-related governance risk and control procedures that Management has put in place. Ensures that audit activities are conducted in accordance with the International Standards for the Professional Practice of Internal Auditing (ISPPIA), and with the definition of Internal Audit, Code of Ethics, and the Internal Audit Charter.
I. Primary Duties
1. Assists the IAG Head in developing and administering the Group’s annual audit plan.
2. Assists in the conduct of the annual risk assessment and in the preparation of the 3-year audit plan using a risk-based methodology.
3. Designs, develops and conducts review on the effectiveness and efficiency of internal controls, IT general controls (ITGC), and application system controls, etc. based on the approved plan or upon instruction / request by Management and the Audit and Related Party Transactions Committee (ARPTC).
4. Identifies risks related to the organization’s governance policies, processes and structures
5. Recognizes types of fraud, fraud risk and red flags for fraud
6. Uses the Exchange’s risk management framework to identify potential threats; examines the effectiveness of risk management with the process and functions
7. Performs audit engagements in conformance with the Standards. Determines the objectives, evaluates criteria and scope of engagement
8. Completes a detailed risk assessment, including prioritizing risks and control and prepare an engagement audit work program
9. Prepares and issues the preliminary audit findings (PAF) and drafts the audit report.
10. Discusses audit issues with concerned auditees and provides recommendations to improve the process and to enhance the system of internal and system controls
11. Communicates with Management throughout the audit engagement the following:
a. audit objectives, scope and the audit methodology to optimize cooperation and harmonious work flow
b. identifies risks and criticality of the audit issues based on documented test of controls and analysis
c. recommends improvement in the process, corrective actions for proper closure of issues and mitigation of identified risks taking as agreed with the auditee
12. Assesses the identified significant risk areas, detect red flag indicator and key control gaps; analyzes and evaluates the adequacy and effectiveness of internal controls of operational and management processes and the extent of compliance with established policies and procedures, plans, laws and regulation.
13. Collaborates with other units on matters or issues requiring opinions on their field of expertise to resolve audit concerns
14. Ensures retention of complete documentation of audit work program or audit program guide (APG)
15. Ensures that all issues and audit recommendations in the released audit reports are encoded in MS Excel database upon release to auditees
16. Conducts monthly follow-up with concerned auditee/s the implementation status of audit recommendations; regularly monitors and documents the disposition of each recommendations addressed to respective auditees
17. Ensures that the database is maintained and updated timely based on the updates provided by auditees and informs the IAG Head on the status.
18. Ensures that overdue audit recommendations are escalated to higher-level management for follow-up
19. Assists/coordinates with external auditors during the conduct of their audit/assurance engagement with the Exchange.
1. Promotes and implements the Exchange’s mission, vision, and corporate values.
2. Ensures the completion of audit projects assigned based on the approved audit plan and in accordance with the criteria defined in the performance metrics
3. Ensures conformance strict implementation of Company Rules and Regulations.
4. Ensures compliance with IAG’s policies and procedures
5. Maintains employee discipline and morale;
6. Continually improve proficiency and obtain continuing professional education and development hours and ethics training needed to maintain credentials to active status
7. Performs other duties that may be assigned by the immediate superior from time to time.
- Education: Bachelor’s Degree in Accountancy, Computer Science, Information Technology or other similar courses. Preferably a CPA, or have any equivalent professional certifications such as CIA, CISA, CFE
- Experience: at least two (2) years in an internal or external audit environment, IT auditing and / or information security or similar role.
- Specific Knowledge: Knowledge on Audit processes and standards, frameworks including risk assessment approaches, methodologies, techniques and best practices
- Sufficient knowledge and understanding of IT risks and controls, vulnerabilities and risk mitigation techniques
- Strong understanding of applicable laws and regulations
- Able to conduct risk-based audit
- Able to apply data analytics and IT in auditing
- Able to identify and assess various risks related to IT, information security, and data privacy
- Able to apply IT control framework
- Able to think critically and has knowledge of one or more IT disciplines (applications, operations, infrastructure and management)
- Highly analytical with exceptional attention to detail
- Exceptional time, task, and resource management skills
- Has above average verbal and written communication skills
- Proficiency with computers, especially with MS Office, computer assisted auditing tools (CAATS),
- Possesses and is able to exhibit integrity, technical competence, objectivity and confidentiality
- Excellent work ethics and values
- Self-motivated and highly independent
- Excellent interpersonal and public relations skill with ability to work with diverse business groups
- Knowledge on Audit processes and Standards including Risk assessment approaches, methodologies, techniques and best practices
- Analytical Thinking
- Audit Report Writing
- Persuading and Influencing
- Attention to Detail
- Interpersonal Skills
- Sense of Urgency
- Amenable to work on-site (BGC, Taguig)