Head of Audit - IT

Strategic Contribution

• Participate and contribute to the development and refinement of the Internal Audit’s short and long-term strategy and ensure it is properly translated into operational plans for the Internal Audit
• Assist the CAE in the formulation of the IT Audit -Internal Audit Strategy, budget, and planning process covering the areas of business systems, accounting systems, and business risk Management
• Annually revisit the IT Audit strategic plan and amend it in accordance with changes to the company risk register,
• Coordinate the Audit function’s activities so that it effectively utilizes its resources, manages its priorities, and is able to be both responsive and proactive
• Assist the CAE in evaluate and assess significant new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion.
• Ensure proper implementation of the functional strategy by managing the day-to-day operations of the IT Audit unit, providing guidance, encouraging teamwork, and facilitating delivery of work processes to achieve high performance standards.

Leadership

• Lead the execution of the IT-related audit projects using the established IT auditing standard in. The audit process can extend to networks, software, programs, communication systems, security systems and any other services that rely on the company’s Inter infrastructure.
• Lead the effective achievement of the IT Audit unit objectives by setting individual objectives, managing performance, developing, and motivating employees in order to maximize individual and functional performance.
• Coordinate the activities of the team to ensure that all work is carried out efficiently, in line with the annual business plans, policies and procedures.
• Supervise the IT Audit unit’s organizational and professional ethical standards, ensuring all audit activities are carried out in accordance compliance with The IIA’s International Standards for the Professional Practice of Internal Auditing and Panda standards.
• Has the obligation to serve as a department resource to answer relevant questions and provide guidance on technical matters in the organization.

Audit Management

• Prepare the annual IT Audit plan in collaboration with the Chief of Internal Audit, gain approval from the Audit Committee and direct its execution, reviewing all business systems and processes within Panda on a planned and ad-hoc basis.
• Report findings from the execution of the IT Audit plan to the Chief of Internal Audit and Audit Committee and recommend areas of improvement to ensure adherence to Panda’s approved processes and procedures, defined quality standards and legislative requirements.
• Advise business and functional heads under scope on the development of appropriate responses to IT Audit report recommendations and review adherence to action plans developed in response to Audit reports.
• Follow-up and monitor preventive and corrective actions based on the finding of internal and external auditors and regulatory authorities’ recommendations to ensure effective implementation.
• Work with the management and plan every detail in preparation for the IT Audit projects, coordinate with other officers and executives in order to conduct the IT audit in accordance to IIA IA standards ( i.e. COBIT5).
• Contribute in the evaluation of the success and effectiveness of the systems of controls, find out weakness, and proactively work with management to ensure conformity with laws, policies and regulations.
• Stays abreast of general business/economic developments and new professional announcements & standards to gain an understanding of their links and impact on the organization. Understands and applies technical standards.
• Evaluate information system development and processes of execution against life cycles of system development and project management.
• Liaison with External Auditors or IT advisors, as applicable, to ensure the audit or review activity is performed in efficient manner.
• Maintains a positive, professional relationship with staff and management at all levels, including maintaining a professional appearance at all times.
• Coordinate with other Audit units and activities so that it effectively utilizes its resources, manages its priorities, and is able to be both responsive and proactive.
• Ensure that the Department plans are within the agreed budget and timescales through providing timely, accurate and complete progress report to the CAE.
• Produce and review reports and audit work papers, ensuring effective documentation of results of reviews on assigned activities that have been made, as well as the recommended action that management should take, for easy follow up
• Identify potential IT risks and related issues by applying knowledge of Information Technology industry trends and present IT environment
• Ensure that audit standards and the associated methodologies for application are constantly updated to match ‘best in class’ within the industry.

Reporting

• Discuss/ communicate regularly with the CAE on the progress of internal audit plan, internal audit results, monthly issues tracking and results of special assignments.
• Communicate the results of audits via written reports and oral presentations (with the support of the team) to the CAE for BoD/Committees and senior management meetings.
• Lead Follow-up projects with departments on a continuous basis to ensure maximum adherence to established or recommended controls

• Report to CAE on quarterly and annually basis the related pending remediation plans

Continuous Improvement  

• Contribute to the identification of opportunities for continuous improvement of the IT Audit department systems, processes, and practices considering international best practices, improvement of business processes and cost optimization.
• Provide ongoing feedback to the team to ensure they develop the skills and competencies required for effective planning and individual professional and personal career growth
• Provide clear direction, priorities tasks, assign and delegate responsibility and monitor the workflow
• Motivate and inspire the team by providing them with the information and tools they need to do their jobs well and meet audit client expectations.
• Plan, manage and review individual performance and provide regular feedback, development, and coaching, taking prompt action where necessary
• Provide opportunities for team members to suggest, participate in and contribute to improvement, innovation, and knowledge sharing initiatives

Health, Safety and Environment

Ensure compliance to all relevant quality, health, safety, and environmental management policies, procedures, and controls across the IT Audit department to guarantee employee and assets safety, legislative compliance, and a responsible environmental attitude. 

Education

·        Degree in Finance, Accounting or Computer Science.

·        Recognized accounting/auditing/information system certifications (e.g., CPA, CISA, CIA, CISSP)

·        Master’s Degree – Finance, Accounting, Computer Science, IT Risk is considered beneficial.

·        Management/Governance, Business Administration is considered beneficial.

Experience, Skills & Competencies

·        Minimum 10+ years of relevant (re)insurance experience with an IT background, retail sector is preferred,

·        Prior position in IT Governance/IT Audit – internal audit or external auditing firm.

·        Progressive achievement in one or more of the traditional IT disciplines (applications, operations, infrastructure, and management).

·        4 - 6 years in a leadership position, Previous GCC experience is considered beneficial.

·        Experience with IT Operations desirable.

TECHNICAL COMPETENCIES

·        IT Risk, security, and infrastructure

·        Data analysis and visualization tools (ACL, MS Excel, SAS)

·        Security risk management

·        Security testing and auditing

·        Computer security and analytical and critical thinking skills

·        Compliance & Regulatory Requirements

·        Monitoring and Control

·        Quality Inspection

·        Knowledge of Laws and Regulations

·        Comfortable with leading-edge risk assessment methodologies.

·        Excellent verbal and written communication and presentation skills.

·        Strong interpersonal skills

·        Project management experience would be a plus.