JOB SUMMARY

Provide an independent verification of the reliability, confidentiality and integrity of information processed on a IT system. Must review and perform the IT general and application controls review of a computer environment including pre or post-implementation review of bank’s various acquired/developed systems. Evaluate the effectiveness of IS security over IS operations and management.

JOB DESCRIPTION

The IT/IS Auditor will primarily conduct a risk based IS audit engagement in accomplishing the audit plan of IT Audit Division. IT/IS auditors are key persons who will engage in IT/IS auditing of IT general controls and application controls review, including pre or post-implementation reviews of various acquired/developed bank’s applications and other IT related audit.

• Conducts and/or supervises audit planning and execution of the audit engagement and formulation of audit findings.
• Executions of computer assisted audit techniques thru guidance of Senior IT Audit Examiner/Department Head.
• Assists other non-IS Auditors in performing risk-based IS audit involving bank’s applications and other related IS Audit and security controls.
• Assists in the development of new tools or processes to improve the way the business is operated or managed.
• Performs IT general controls review to determine if the bank has adequate standards in place for system acquisition/development, data center operations and security, database management and security, network administration, BCP/DRP and overall information security.
• Performs IS applications controls reviews to determine the effectiveness of controls over the bank’s application systems
• Performs pre and post implementation review of various acquired or developed systems to determine if system’s objectives and requirements were achieved, cost-benefits were measured, changes requests were authorized and system’s control are effective based on the design.
• Recommends measures to improve or correct system deficiencies and other audit exceptions noted in the review.
• Handles the monitoring of audit issues on released reports/memoranda of Internal Audit Division.
• Conducts the risk assessment planning thru identification of inherent risks and controls involving IS environment.
• Conducts the risk assessments of business processes and technology by analysing business activities, potential risk exposures, and the materiality of loss.
• Conducts comprehensive documentation of processes, audit procedures and testing analysis for the areas assigned, ensuring compliance with department standards.
• Performs other duties as may be assigned by the Department Head / CAE.

JOB QUALIFICATION

• Must have at least 2 to 3 year experience in internal/external auditing and/or special audit/fraud investigation

Please refer to job description.