Department:
Corporate Internal Audit
Position Purpose & Summary:
Responsible for assessment and assurance of MIMOS Information System governance and control framework and report to the Audit Committee on result of reviews undertaken.
Assist in the discharging of fiduciary duties of Board of Directors of MIMOS and officers of MIMOS; via provision of assurance on the state of MIMOS Information System control & risk management practices; lack of internal controls may expose both the Board members and the officers to penalties under the Co’s Act.
Person in charge of effective and efficient running of the MIMOS IS Audit function. Lead relevant assignments as per the approved audit plan & as per instructed by HOD or Audit Committee in accordance to the relevant audit charter and policy of the company.
Primary Duties & Responsibilities:
Strategic Planning:
- Develop and implement the overall IT audit strategy aligned with the organization’s goals and objectives.
- Evaluate emerging technologies and industry trends to ensure audit methodologies remain current and effective.
Audit Planning and Execution:
- Plan, coordinate, and execute comprehensive IT audits, including risk assessments, scope definition, and audit program development.
- Conduct audits of IT infrastructure, systems, applications, and data management processes.
- Assess the effectiveness of IT controls, security measures, and risk management processes.
Compliance and Assurance Management:
- Ensure that IT systems and processes comply with relevant laws, regulations, and industry standards.
- Stay informed about changes in regulations and standards affecting IT and incorporate updates into audit processes.
- Identify and assess IT-related risks and vulnerabilities, and develop strategies to mitigate these risks.
Team Leadership and Development:
- Lead and manage a team of IT auditors, providing guidance, coaching, and professional development opportunities.
- Foster a culture of continuous improvement, knowledge sharing, and adherence to professional standards.
Communication:
- Communicate audit findings, recommendations, and risk assessments to executive management and relevant stakeholders.
- Collaborate with business units to address audit issues and provide guidance on improving IT controls.
- Perform non-audit role when required & upon approval from Head of Internal Audit.
Continuous Improvement:
- Monitor and assess the effectiveness of IT audit processes and make recommendations for continuous improvement.
- Implement tools and methodologies to enhance the efficiency and effectiveness of IT audits.
- Contribute to the development and enforcement of IT governance policies, procedures, and standards.
Relevant Work Experience
- Advanced knowledge in the applicable professional frameworks i.e. Standards and Professional Framework, Risk Management Standards and Guidelines on Information Systems Audit.
- Minimum 10 years experience in Information Systems field and function.
- Strong ability and assertiveness to influence change amidst ambiguity (be a change agent within the organization)
- Strong understanding of business environments and its impact on peoples’ practices; business acumen.
- Excellent communication and negotiation skills; able to balance between diplomacy and assertiveness; objective in decision making.
Qualifications
Degree in Information Technology / Computer Science or other relevant IT studies
CISA holder is added advantage
Technical/ Functional Skills
- Proficient knowledge in overall IT Infrastructures, processes, governance, audit standard, risk management methodology. Proficient understanding and application know-how of the principles & concepts of IT audit role in achieving organisation objectives & stakeholder’s expectation.
- Leadership & Organisational Management – Ability to influence and drive change (be a change agent within the organization). Project strong business acumen through understanding of business environments and its impact on peoples’ practices. Excellent time management with a proven ability to meet deadlines.
- Problem solving skills – Strong analytical and problem-solving skills, proficient application of management principles involving organisation policies and procedures.
- Report Writing & Presentation skills – Strong capability to create and deliver a quality & compelling reports and presentation that effectively communicates information and ideas. Synthesize findings and publish written reports. Proficient level of interpersonal / presentation / facilitation skills
- Program management – Oversee the assess the quality of assurance delivery and performance in achieving organisation objectives.
Soft Skills:
- Strategic Communication skills – ability to communicate and influence with all levels of function (from junior to senior level posts); able to build rapport through open, respectful engagement and demostrate credibility.
- Collaborative leadership – working with various leadership stakeholders to build rapport and constructive relations in fostering organisational commitments in achieving organisation objectives.
- Management & leadership skills – thorough planning and organising of work and careful monitoring of resources and progress to achieve planned results.
