IT Audit Director - Financial Crimes

Individuals in the IT Audit Job Function focus on the adequacy and effectiveness of controls for the security, integrity, and resilience of information technology (IT), including applications, cybersecurity, information risk management, information security, and infrastructure

RESPONSIBILITIES

• Lead and manage the teams responsible for conducting efficient and effective programs of IT Audit work, including scope, controls, methods, communication, recommendations and remediation

• Oversee appropriate audit delivery, issue management and coverage of the portfolio, managing the portfolios within Key Performance Indicators (KPIs), within required methodology and Quality Assurance standards

• Maintain and manage the portfolio universe and risk assessments to ensure appropriate representation and calibration, as well as establishing a mechanism for building a forward-looking view of regulatory changes, emerging risks and new products and services

• Dynamically manage the audit plan for the assigned portfolio considering whether it remains relevant throughout the year, proposing changes as appropriate

• Actively participate in the development and implementation of the long-term vision, strategy and target operating model of EIA locally and globally, driving strategic initiatives and partnering with relevant peers

• Drive innovation and optimization in audit execution and monitoring

• Partner at all levels of the organization to develop, implement, and execute organization-wide audit policies that assure effective, efficient, and compliant procedures are followed

• Develop constructive, collaborative relationships with senior stakeholders providing a commercial perspective and effective challenge and guidance as an independent respected voice, partnering on initiatives and remediation activities

• Audit Delivery and Planning

• Accountable for the delivery of the portfolio of audits within the audit plan and issue management/validation for the assigned portfolio on time and within KPIs

In particular:

• Schedule audits effectively to achieve the step change in audit durations according to KPIs, to maintain full utilization in line with expected capacity expectations and to distribute audits evenly through the year

• Lead and manage risk-based audit engagements and demonstrate appropriate coverage of the key risks

• Oversee audit engagements with clear focus on timelines with strong supervision of the team deliverables, including timely review of workpapers

• Monitor audit delivery effectively and deliver within the deadline set; and meet interim milestones and avoid overruns

• Confirm potential findings and management action plans through the life of the audit in coordination with stakeholders

• Maintain regular touchpoints with stakeholders to drive and support effective issue management to Ensure delivery of audit files that meet all QA standards

• Validate issues to the required quality standards and within relevant KPIs through effective oversight and guidance of the team’s issue management activities

• Ensure data quality is in line with data quality related deadlines and expectations

• Accountable for the maintenance of the risk universe and risk assessments of assigned Auditable Entities

• Stakeholder Relationships

• Responsible for developing and maintaining constructive, collaborative relationships with relevant senior stakeholders providing a commercial perspective and effective challenge and guidance as an independent, respected voice, partner on initiatives and remediation activities

• Responsible for partnering with stakeholders to demonstrate impact and influence through tangible outcomes and raised standards of controls and behaviors in the stakeholder’s Control Environment

Audit Process:

• Oversee the team responsible for the audit of risk management and controls for information systems, platforms, and IT operating practices and procedures

• Provide expertise on the development of audit scope, objectives, and work plans, including audit tests, controls, statistical methods, and survey, interview, and computer-assisted audit techniques

• Set and manage appropriate audit delivery, issue management and coverage of the portfolio

• Communicate audit plan to leadership, outlining key process steps by narrative or flowchart, and highlighting information inflows, outflows, and internal control components

• Monitor and ensure an efficient and effective program of audit work including:

• Complete and accurate documentation

• Productive interviews with process owners

• Accurate and insightful evaluation of business, strategic, and reputational risks

• Identification of control design gaps

• Comprehensive audit report, observations, recommendations, and the timely initiation remediation

• Ensure that processes are in compliance with corporate objectives and government standards

• Make recommendations to the Audit Committee or Board of Directors on issues raised during audit procedures and consult with business unit leadership on follow-up

• Ensure compliance with audit methodology, operating within industry best practices, applicable regulations, and internal and external professional practice expectations

• Hire, develop and retain top talent

• Manage budget and resource allocation

FUNCTIONAL SKILLS

• Supervisory project management skills within internal audit functions

• Advanced risk assessment, audit methodology, and execution

• Demonstrated ability to drive analytics innovation, credibly challenge and proactively influence risk and control environments

• IP networks infrastructure

• Windows active directory

• Databases

• Mobile technologies

• Cloud Computing

• Standards / Frameworks

FOUNDATIONAL SKILLS

• Communicates effectively

• Anticipates changing business needs, adjusts priorities accordingly, and allocates necessary resources and budget to achieve objectives

• Equips the business to become an effective competitor in a highly dynamic landscape

• Considers stakeholder needs and input as well as best practices and insights from industry trends when making strategic decisions

• Employs an agile, iterative process

• Demonstrates broader enterprise-wide leadership outside the function

• Is flexible, decisive, and serves as a trusted advisor to senior leaders within the organization

• Demonstrates effective negotiation and influencing skills

• Prioritizes and facilitates a culture of continuous improvement and systems thinking

• Sets the tone for successful collaboration with other business units and corporate entities

• Creates an environment that fosters communication, transparency, and collaboration

• Cultivates innovation and values learning as a lifelong professional objective

• Leads by example, engaging inclusively and with intent

• Always acts with integrity

EDUCATION

• Degree or equivalent work experience equally preferable

• Degree in technology discipline preferred OR

• Degree with work experience in a technology-related field

CERTIFICATIONS

• CISA, CIA, CISM, CISSP or other relevant professional certification

• WORK EXPERIENCE

• IT Audit leadership experience in a large, complex financial institution